007ffe8a04048f R14: 00007f1f6297d300 R15: 0000000000022000 13:57:27 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0) [ 671.632357] FAULT_INJECTION: forcing a failure. [ 671.632357] name failslab, interval 1, probability 0, space 0, times 0 [ 671.633543] CPU: 1 PID: 6096 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 671.638214] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 671.639020] Call Trace: [ 671.639250] dump_stack+0x107/0x167 [ 671.639603] should_fail.cold+0x5/0xa [ 671.639982] should_failslab+0x5/0x20 [ 671.640306] __kmalloc_track_caller+0x79/0x370 [ 671.640812] ? strndup_user+0x74/0xe0 [ 671.641142] memdup_user+0x22/0xd0 [ 671.641489] strndup_user+0x74/0xe0 [ 671.641854] __x64_sys_mount+0x133/0x300 [ 671.642225] ? copy_mnt_ns+0xa00/0xa00 [ 671.642604] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 671.643128] ? syscall_enter_from_user_mode+0x1d/0x50 [ 671.643609] do_syscall_64+0x33/0x40 [ 671.643979] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 671.644481] RIP: 0033:0x7ff91eae3b19 [ 671.644848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 671.646522] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 671.647240] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 671.647924] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 671.648602] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 671.649251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 671.649935] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 13:57:27 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0) 13:57:27 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:57:27 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0) 13:57:27 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:57:27 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:57:27 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0) 13:57:27 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:57:27 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) 13:57:27 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:57:28 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 2) 13:57:28 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) 13:57:28 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) [ 671.823683] FAULT_INJECTION: forcing a failure. [ 671.823683] name failslab, interval 1, probability 0, space 0, times 0 [ 671.824717] CPU: 1 PID: 6132 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 671.825351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 671.826090] Call Trace: [ 671.826320] dump_stack+0x107/0x167 [ 671.826635] should_fail.cold+0x5/0xa [ 671.827004] ? create_object.isra.0+0x3a/0xa20 [ 671.827389] ? create_object.isra.0+0x3a/0xa20 [ 671.827832] should_failslab+0x5/0x20 [ 671.828155] kmem_cache_alloc+0x5b/0x310 [ 671.828499] create_object.isra.0+0x3a/0xa20 [ 671.828949] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 671.829228] 9pnet: Insufficient options for proto=fd [ 671.829379] __kmalloc_track_caller+0x177/0x370 [ 671.830212] ? strndup_user+0x74/0xe0 [ 671.830537] memdup_user+0x22/0xd0 [ 671.830895] strndup_user+0x74/0xe0 [ 671.831205] __x64_sys_mount+0x133/0x300 [ 671.831546] ? copy_mnt_ns+0xa00/0xa00 [ 671.831939] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 671.832381] ? syscall_enter_from_user_mode+0x1d/0x50 [ 671.832864] do_syscall_64+0x33/0x40 [ 671.833182] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 671.833612] RIP: 0033:0x7ff91eae3b19 [ 671.834016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 671.835593] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 671.836285] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 671.836925] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 671.837525] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 671.838177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 671.838848] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 13:57:28 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) [ 671.855833] 9pnet: Insufficient options for proto=fd 13:57:28 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x5, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:57:28 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) 13:57:28 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 671.902487] 9pnet: Insufficient options for proto=fd [ 671.925411] cgroup: fork rejected by pids controller in /syz6 [ 671.933094] 9pnet: Insufficient options for proto=fd 13:57:28 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) [ 671.961091] 9pnet: Insufficient options for proto=fd [ 671.961338] 9pnet: Insufficient options for proto=fd 13:57:41 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) [ 685.750143] 9pnet: Insufficient options for proto=fd [ 685.760968] 9pnet: Insufficient options for proto=fd [ 685.774956] 9pnet: Insufficient options for proto=fd [ 685.784919] FAULT_INJECTION: forcing a failure. [ 685.784919] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 685.785989] CPU: 1 PID: 6184 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 685.786615] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 685.787352] Call Trace: [ 685.787605] dump_stack+0x107/0x167 [ 685.787942] should_fail.cold+0x5/0xa [ 685.788320] _copy_from_user+0x2e/0x1b0 [ 685.788739] memdup_user+0x65/0xd0 [ 685.789111] strndup_user+0x74/0xe0 [ 685.789468] __x64_sys_mount+0x133/0x300 [ 685.789842] ? copy_mnt_ns+0xa00/0xa00 [ 685.790217] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 685.790704] ? syscall_enter_from_user_mode+0x1d/0x50 [ 685.791179] do_syscall_64+0x33/0x40 [ 685.791525] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 685.791990] RIP: 0033:0x7ff91eae3b19 [ 685.792334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 685.793977] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 685.794687] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 685.795419] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 685.796105] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 685.796742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 685.797385] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 13:57:41 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 3) 13:57:41 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:57:41 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) 13:57:41 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:57:41 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 13:57:41 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:57:42 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:57:42 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:57:42 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:57:42 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 13:57:42 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) [ 685.860474] 9pnet: Insufficient options for proto=fd 13:57:42 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 13:57:42 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 4) 13:57:42 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:57:42 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 685.924807] 9pnet: Insufficient options for proto=fd 13:57:42 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:57:42 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) [ 685.975915] FAULT_INJECTION: forcing a failure. [ 685.975915] name failslab, interval 1, probability 0, space 0, times 0 [ 685.977024] CPU: 0 PID: 6218 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 685.977634] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 685.978470] Call Trace: [ 685.978724] dump_stack+0x107/0x167 [ 685.979109] should_fail.cold+0x5/0xa [ 685.979462] ? copy_mount_options+0x55/0x180 [ 685.979916] should_failslab+0x5/0x20 [ 685.980266] kmem_cache_alloc_trace+0x55/0x320 [ 685.980683] ? _copy_from_user+0xfb/0x1b0 [ 685.981124] copy_mount_options+0x55/0x180 [ 685.981516] __x64_sys_mount+0x1a8/0x300 [ 685.981979] ? copy_mnt_ns+0xa00/0xa00 [ 685.982360] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 685.982888] ? syscall_enter_from_user_mode+0x1d/0x50 [ 685.983360] do_syscall_64+0x33/0x40 [ 685.983696] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 685.984200] RIP: 0033:0x7ff91eae3b19 [ 685.984540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 685.986109] 9pnet: Insufficient options for proto=fd [ 685.986316] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 685.986331] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 685.986343] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 685.988841] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 685.989491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 685.990222] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 686.074010] 9pnet: Insufficient options for proto=fd 13:58:02 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:02 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 13:58:02 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 5) 13:58:02 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:02 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 706.433026] 9pnet: Insufficient options for proto=fd 13:58:02 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 13:58:02 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:02 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:02 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 706.442462] 9pnet: Insufficient options for proto=fd [ 706.451398] FAULT_INJECTION: forcing a failure. [ 706.451398] name failslab, interval 1, probability 0, space 0, times 0 [ 706.452491] CPU: 0 PID: 6262 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 706.453068] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 706.453798] Call Trace: [ 706.454026] dump_stack+0x107/0x167 [ 706.454332] should_fail.cold+0x5/0xa [ 706.454759] ? create_object.isra.0+0x3a/0xa20 [ 706.455167] should_failslab+0x5/0x20 [ 706.455556] kmem_cache_alloc+0x5b/0x310 13:58:02 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 706.456467] create_object.isra.0+0x3a/0xa20 [ 706.456844] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 706.457274] kmem_cache_alloc_trace+0x151/0x320 [ 706.457723] copy_mount_options+0x55/0x180 [ 706.458080] __x64_sys_mount+0x1a8/0x300 [ 706.458506] ? copy_mnt_ns+0xa00/0xa00 [ 706.458842] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 706.459284] ? syscall_enter_from_user_mode+0x1d/0x50 [ 706.459765] do_syscall_64+0x33/0x40 [ 706.460078] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 706.460561] RIP: 0033:0x7ff91eae3b19 [ 706.460968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 706.462867] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 706.464241] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 706.465588] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 706.466661] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 706.467260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 706.467919] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 13:58:16 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 6) 13:58:16 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 13:58:16 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:16 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:16 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:16 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:16 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:16 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 13:58:16 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 719.973359] FAULT_INJECTION: forcing a failure. [ 719.973359] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 719.974407] CPU: 1 PID: 6302 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 719.975002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 719.975695] Call Trace: [ 719.975955] dump_stack+0x107/0x167 [ 719.976266] should_fail.cold+0x5/0xa [ 719.976600] _copy_from_user+0x2e/0x1b0 [ 719.976948] copy_mount_options+0x76/0x180 [ 719.977308] __x64_sys_mount+0x1a8/0x300 [ 719.977653] ? copy_mnt_ns+0xa00/0xa00 [ 719.977990] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 719.978438] ? syscall_enter_from_user_mode+0x1d/0x50 [ 719.978903] do_syscall_64+0x33/0x40 [ 719.979221] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 719.979658] RIP: 0033:0x7ff91eae3b19 [ 719.979978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 719.981528] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 719.982182] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 719.982812] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 719.983433] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 719.984057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 719.984682] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 13:58:16 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x10, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:16 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:16 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x700, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:16 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:16 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:16 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:16 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x900, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:30 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 7) 13:58:30 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:30 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:30 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 13:58:30 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x10, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:30 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 13:58:30 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:30 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:30 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 733.875050] FAULT_INJECTION: forcing a failure. [ 733.875050] name failslab, interval 1, probability 0, space 0, times 0 [ 733.876137] CPU: 0 PID: 6373 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 733.876750] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 733.877571] Call Trace: [ 733.877800] dump_stack+0x107/0x167 [ 733.878173] should_fail.cold+0x5/0xa [ 733.878573] ? getname_flags.part.0+0x50/0x4f0 [ 733.879047] should_failslab+0x5/0x20 [ 733.879417] kmem_cache_alloc+0x5b/0x310 [ 733.879765] getname_flags.part.0+0x50/0x4f0 [ 733.880208] ? _copy_from_user+0xfb/0x1b0 [ 733.880605] user_path_at_empty+0xa1/0x100 [ 733.881204] __x64_sys_mount+0x1e9/0x300 [ 733.881603] ? copy_mnt_ns+0xa00/0xa00 [ 733.881988] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 733.882492] ? syscall_enter_from_user_mode+0x1d/0x50 [ 733.883005] do_syscall_64+0x33/0x40 [ 733.883401] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 733.883841] RIP: 0033:0x7ff91eae3b19 [ 733.884206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 733.886024] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 733.886736] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 733.887471] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 733.888116] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 733.888777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 733.889485] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 13:58:44 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2e, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:44 executing program 3: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:44 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:44 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 8) 13:58:44 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 13:58:44 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0) 13:58:44 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:44 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 1) [ 747.958420] FAULT_INJECTION: forcing a failure. [ 747.958420] name failslab, interval 1, probability 0, space 0, times 0 [ 747.959571] CPU: 0 PID: 6402 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 747.960190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 747.960953] Call Trace: [ 747.961204] dump_stack+0x107/0x167 [ 747.961561] should_fail.cold+0x5/0xa [ 747.961920] ? create_object.isra.0+0x3a/0xa20 [ 747.962346] should_failslab+0x5/0x20 [ 747.962716] kmem_cache_alloc+0x5b/0x310 [ 747.963112] create_object.isra.0+0x3a/0xa20 [ 747.963519] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 747.964006] kmem_cache_alloc+0x159/0x310 [ 747.964395] getname_flags.part.0+0x50/0x4f0 [ 747.964818] ? _copy_from_user+0xfb/0x1b0 [ 747.965206] user_path_at_empty+0xa1/0x100 [ 747.965601] __x64_sys_mount+0x1e9/0x300 [ 747.965991] ? copy_mnt_ns+0xa00/0xa00 [ 747.966356] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 747.966853] ? syscall_enter_from_user_mode+0x1d/0x50 [ 747.967339] do_syscall_64+0x33/0x40 [ 747.967692] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 747.968173] RIP: 0033:0x7ff91eae3b19 [ 747.968519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 747.970207] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 747.970930] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 747.971592] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 747.972255] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 747.972902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 747.973572] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 747.980967] FAULT_INJECTION: forcing a failure. [ 747.980967] name failslab, interval 1, probability 0, space 0, times 0 [ 747.982105] CPU: 0 PID: 6410 Comm: syz-executor.5 Not tainted 5.10.223 #1 [ 747.982748] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 747.983507] Call Trace: [ 747.983771] dump_stack+0x107/0x167 [ 747.984114] should_fail.cold+0x5/0xa [ 747.984473] should_failslab+0x5/0x20 [ 747.984837] __kmalloc_track_caller+0x79/0x370 [ 747.985256] ? strndup_user+0x74/0xe0 [ 747.985607] memdup_user+0x22/0xd0 [ 747.985922] strndup_user+0x74/0xe0 [ 747.986223] __x64_sys_mount+0x133/0x300 [ 747.986565] ? copy_mnt_ns+0xa00/0xa00 [ 747.986908] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 747.987340] ? syscall_enter_from_user_mode+0x1d/0x50 [ 747.987767] do_syscall_64+0x33/0x40 [ 747.988085] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 747.988506] RIP: 0033:0x7f144598cb19 [ 747.988813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 747.990331] RSP: 002b:00007f1442f02188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 747.990968] RAX: ffffffffffffffda RBX: 00007f1445a9ff60 RCX: 00007f144598cb19 [ 747.991562] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 747.992148] RBP: 00007f1442f021d0 R08: 0000000020000140 R09: 0000000000000000 [ 747.992749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 747.993342] R13: 00007fff75e8406f R14: 00007f1442f02300 R15: 0000000000022000 13:58:44 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:44 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0) 13:58:44 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:44 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x60, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:44 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1020, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:44 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0) 13:58:44 executing program 3: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:44 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:44 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x86, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 762.064199] 9pnet: Insufficient options for proto=fd 13:58:58 executing program 3: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:58 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) 13:58:58 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:58 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 1) 13:58:58 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 762.075700] FAULT_INJECTION: forcing a failure. [ 762.075700] name failslab, interval 1, probability 0, space 0, times 0 [ 762.076768] CPU: 1 PID: 6462 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 762.077453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 762.078179] Call Trace: [ 762.078454] dump_stack+0x107/0x167 [ 762.078765] should_fail.cold+0x5/0xa [ 762.079154] should_failslab+0x5/0x20 [ 762.079526] __kmalloc_track_caller+0x79/0x370 [ 762.079962] ? strndup_user+0x74/0xe0 [ 762.080287] memdup_user+0x22/0xd0 [ 762.080661] strndup_user+0x74/0xe0 [ 762.081040] __x64_sys_mount+0x133/0x300 [ 762.081427] ? copy_mnt_ns+0xa00/0xa00 [ 762.081762] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 762.082244] ? syscall_enter_from_user_mode+0x1d/0x50 [ 762.082729] do_syscall_64+0x33/0x40 [ 762.083099] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 762.083580] RIP: 0033:0x7ff4194adb19 [ 762.083944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 762.085620] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 762.086321] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 762.087009] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 762.087673] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 762.088320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 762.089024] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 13:58:58 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xc2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:58 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2010, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:58 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 9) 13:58:58 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) [ 762.102513] FAULT_INJECTION: forcing a failure. [ 762.102513] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 762.103641] CPU: 1 PID: 6479 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 762.104245] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 762.104999] Call Trace: [ 762.105224] dump_stack+0x107/0x167 [ 762.105531] should_fail.cold+0x5/0xa [ 762.105855] strncpy_from_user+0x34/0x470 [ 762.106257] getname_flags.part.0+0x95/0x4f0 [ 762.106628] ? _copy_from_user+0xfb/0x1b0 [ 762.107034] user_path_at_empty+0xa1/0x100 [ 762.107407] __x64_sys_mount+0x1e9/0x300 [ 762.107754] ? copy_mnt_ns+0xa00/0xa00 [ 762.108140] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 762.108589] ? syscall_enter_from_user_mode+0x1d/0x50 [ 762.109070] do_syscall_64+0x33/0x40 [ 762.109388] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 762.109818] RIP: 0033:0x7ff91eae3b19 [ 762.110922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 762.112474] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 762.113110] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 762.113712] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 762.114307] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 762.114903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 762.115511] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 13:58:58 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xedc0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:58 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x300, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:58 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 762.172508] 9pnet: Insufficient options for proto=fd 13:58:58 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 10) 13:58:58 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 2) [ 762.202412] FAULT_INJECTION: forcing a failure. [ 762.202412] name failslab, interval 1, probability 0, space 0, times 0 [ 762.203472] CPU: 0 PID: 6499 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 762.204046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 762.204741] Call Trace: [ 762.204987] dump_stack+0x107/0x167 [ 762.205320] should_fail.cold+0x5/0xa [ 762.205675] ? alloc_fs_context+0x57/0x840 [ 762.206064] should_failslab+0x5/0x20 [ 762.206414] kmem_cache_alloc_trace+0x55/0x320 [ 762.206833] alloc_fs_context+0x57/0x840 [ 762.207222] path_mount+0xaa3/0x2120 [ 762.207565] ? strncpy_from_user+0x9e/0x470 [ 762.207940] ? finish_automount+0xa90/0xa90 [ 762.208319] ? getname_flags.part.0+0x1dd/0x4f0 [ 762.208730] ? _copy_from_user+0xfb/0x1b0 [ 762.209098] __x64_sys_mount+0x282/0x300 [ 762.209448] ? copy_mnt_ns+0xa00/0xa00 [ 762.209801] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 762.210258] ? syscall_enter_from_user_mode+0x1d/0x50 [ 762.210719] do_syscall_64+0x33/0x40 [ 762.211057] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 762.211516] RIP: 0033:0x7ff91eae3b19 [ 762.211857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 762.213427] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 762.214088] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 762.214690] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 762.215307] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 762.215912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 762.216516] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 13:58:58 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:58:58 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3a1, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 762.238404] FAULT_INJECTION: forcing a failure. [ 762.238404] name failslab, interval 1, probability 0, space 0, times 0 [ 762.239423] CPU: 1 PID: 6511 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 762.239997] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 762.240688] Call Trace: [ 762.240920] dump_stack+0x107/0x167 [ 762.241232] should_fail.cold+0x5/0xa [ 762.241561] ? create_object.isra.0+0x3a/0xa20 [ 762.241951] should_failslab+0x5/0x20 [ 762.242276] kmem_cache_alloc+0x5b/0x310 [ 762.242627] create_object.isra.0+0x3a/0xa20 [ 762.243001] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 762.243449] __kmalloc_track_caller+0x177/0x370 [ 762.243847] ? strndup_user+0x74/0xe0 [ 762.244178] memdup_user+0x22/0xd0 [ 762.244482] strndup_user+0x74/0xe0 [ 762.244794] __x64_sys_mount+0x133/0x300 [ 762.245140] ? copy_mnt_ns+0xa00/0xa00 [ 762.245475] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 762.245920] ? syscall_enter_from_user_mode+0x1d/0x50 [ 762.246356] do_syscall_64+0x33/0x40 [ 762.246676] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 762.247125] RIP: 0033:0x7ff4194adb19 [ 762.247441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 762.248977] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 762.249622] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 762.250225] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 762.250824] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 762.251435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 762.252039] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 13:59:12 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 11) 13:59:12 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x80000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:12 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) 13:59:12 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:12 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x500, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:12 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 3) 13:59:12 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:12 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 775.853458] FAULT_INJECTION: forcing a failure. [ 775.853458] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 775.856696] CPU: 1 PID: 6533 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 775.858518] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 775.860696] Call Trace: [ 775.861393] dump_stack+0x107/0x167 [ 775.862355] should_fail.cold+0x5/0xa [ 775.863368] _copy_from_user+0x2e/0x1b0 [ 775.864396] memdup_user+0x65/0xd0 [ 775.865328] strndup_user+0x74/0xe0 [ 775.866277] __x64_sys_mount+0x133/0x300 [ 775.867337] ? copy_mnt_ns+0xa00/0xa00 [ 775.868360] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 775.869654] ? syscall_enter_from_user_mode+0x1d/0x50 [ 775.871069] do_syscall_64+0x33/0x40 [ 775.876063] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 775.877427] RIP: 0033:0x7ff4194adb19 [ 775.878442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 775.882295] FAULT_INJECTION: forcing a failure. [ 775.882295] name failslab, interval 1, probability 0, space 0, times 0 [ 775.883156] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 775.883172] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 775.883180] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 775.883193] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 775.883200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 775.883209] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 775.897135] CPU: 0 PID: 6547 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 775.898397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 775.900341] Call Trace: [ 775.901016] dump_stack+0x107/0x167 [ 775.901574] should_fail.cold+0x5/0xa [ 775.902545] ? create_object.isra.0+0x3a/0xa20 [ 775.903457] should_failslab+0x5/0x20 [ 775.904231] kmem_cache_alloc+0x5b/0x310 [ 775.905346] create_object.isra.0+0x3a/0xa20 [ 775.906912] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 775.908487] kmem_cache_alloc_trace+0x151/0x320 [ 775.909480] alloc_fs_context+0x57/0x840 [ 775.910375] path_mount+0xaa3/0x2120 [ 775.911339] ? strncpy_from_user+0x9e/0x470 [ 775.911874] ? finish_automount+0xa90/0xa90 [ 775.914279] ? getname_flags.part.0+0x1dd/0x4f0 [ 775.914961] ? _copy_from_user+0xfb/0x1b0 [ 775.915394] __x64_sys_mount+0x282/0x300 [ 775.915770] ? copy_mnt_ns+0xa00/0xa00 [ 775.916182] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 775.916728] ? syscall_enter_from_user_mode+0x1d/0x50 [ 775.917229] do_syscall_64+0x33/0x40 [ 775.917577] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 775.918066] RIP: 0033:0x7ff91eae3b19 [ 775.918415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 775.921482] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 775.922201] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 775.922847] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 775.923809] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 775.924471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 775.925121] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 775.939874] 9pnet: Insufficient options for proto=fd 13:59:12 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x600, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:12 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:12 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:12 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:12 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x700, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:12 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 13:59:12 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:12 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 776.057210] 9pnet: Insufficient options for proto=fd 13:59:25 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 4) 13:59:25 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x900, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:25 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:25 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 13:59:25 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x10, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:25 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:25 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 12) [ 789.466921] 9pnet: Insufficient options for proto=fd [ 789.473351] FAULT_INJECTION: forcing a failure. [ 789.473351] name failslab, interval 1, probability 0, space 0, times 0 13:59:25 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 789.475722] CPU: 1 PID: 6612 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 789.477264] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 789.479166] Call Trace: [ 789.479774] dump_stack+0x107/0x167 [ 789.480601] should_fail.cold+0x5/0xa [ 789.481468] ? copy_mount_options+0x55/0x180 [ 789.482476] should_failslab+0x5/0x20 [ 789.483347] kmem_cache_alloc_trace+0x55/0x320 [ 789.484391] ? _copy_from_user+0xfb/0x1b0 [ 789.485342] copy_mount_options+0x55/0x180 [ 789.486300] __x64_sys_mount+0x1a8/0x300 [ 789.487216] ? copy_mnt_ns+0xa00/0xa00 [ 789.488106] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 789.489295] ? syscall_enter_from_user_mode+0x1d/0x50 [ 789.490458] do_syscall_64+0x33/0x40 [ 789.491301] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 789.492480] RIP: 0033:0x7ff4194adb19 [ 789.493331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 789.497543] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 789.499266] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 789.500897] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 789.502523] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 789.504154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 789.505787] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 789.533815] FAULT_INJECTION: forcing a failure. [ 789.533815] name failslab, interval 1, probability 0, space 0, times 0 [ 789.535875] CPU: 0 PID: 6626 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 789.536544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 789.537350] Call Trace: [ 789.537652] dump_stack+0x107/0x167 [ 789.538047] should_fail.cold+0x5/0xa [ 789.538464] ? legacy_init_fs_context+0x44/0xe0 [ 789.538956] should_failslab+0x5/0x20 [ 789.539370] kmem_cache_alloc_trace+0x55/0x320 [ 789.539832] ? lockdep_init_map_type+0x2c7/0x780 [ 789.540321] legacy_init_fs_context+0x44/0xe0 [ 789.541373] ? generic_parse_monolithic+0x1f0/0x1f0 [ 789.542513] alloc_fs_context+0x4fd/0x840 [ 789.543500] path_mount+0xaa3/0x2120 [ 789.544369] ? strncpy_from_user+0x9e/0x470 [ 789.545351] ? finish_automount+0xa90/0xa90 [ 789.546357] ? getname_flags.part.0+0x1dd/0x4f0 [ 789.547447] ? _copy_from_user+0xfb/0x1b0 [ 789.548417] __x64_sys_mount+0x282/0x300 [ 789.549360] ? copy_mnt_ns+0xa00/0xa00 [ 789.550260] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 789.551484] ? syscall_enter_from_user_mode+0x1d/0x50 [ 789.552682] do_syscall_64+0x33/0x40 [ 789.553534] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 789.554717] RIP: 0033:0x7ff91eae3b19 [ 789.555575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 789.559823] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 789.561558] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 789.563192] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 789.564842] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 789.566474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 789.568127] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 13:59:25 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x7000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:25 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x700, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:25 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 13:59:25 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x900, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 789.606821] 9pnet: Insufficient options for proto=fd 13:59:25 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:25 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:25 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 13:59:25 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:25 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 5) 13:59:25 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 789.701849] FAULT_INJECTION: forcing a failure. [ 789.701849] name failslab, interval 1, probability 0, space 0, times 0 [ 789.704187] CPU: 0 PID: 6666 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 789.705790] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 789.707739] Call Trace: [ 789.709112] dump_stack+0x107/0x167 [ 789.709960] should_fail.cold+0x5/0xa [ 789.710848] ? create_object.isra.0+0x3a/0xa20 [ 789.711938] should_failslab+0x5/0x20 [ 789.712829] kmem_cache_alloc+0x5b/0x310 [ 789.713761] create_object.isra.0+0x3a/0xa20 [ 789.715096] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 789.716216] kmem_cache_alloc_trace+0x151/0x320 [ 789.717025] ? _copy_from_user+0xfb/0x1b0 [ 789.717757] copy_mount_options+0x55/0x180 [ 789.718497] __x64_sys_mount+0x1a8/0x300 [ 789.719203] ? copy_mnt_ns+0xa00/0xa00 [ 789.719636] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 789.720083] ? syscall_enter_from_user_mode+0x1d/0x50 [ 789.720525] do_syscall_64+0x33/0x40 [ 789.721053] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 789.721935] RIP: 0033:0x7ff4194adb19 [ 789.722583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 789.725821] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 789.727122] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 789.728648] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 789.729878] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 789.731090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 789.732598] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 803.206415] FAULT_INJECTION: forcing a failure. [ 803.206415] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 803.207587] CPU: 1 PID: 6678 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 803.208201] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 803.208945] Call Trace: [ 803.209173] dump_stack+0x107/0x167 [ 803.209476] should_fail.cold+0x5/0xa [ 803.209797] _copy_from_user+0x2e/0x1b0 [ 803.210182] copy_mount_options+0x76/0x180 [ 803.210539] __x64_sys_mount+0x1a8/0x300 [ 803.210918] ? copy_mnt_ns+0xa00/0xa00 [ 803.211245] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 803.211690] ? syscall_enter_from_user_mode+0x1d/0x50 [ 803.212196] do_syscall_64+0x33/0x40 [ 803.212505] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 803.212974] RIP: 0033:0x7ff4194adb19 [ 803.213282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 803.214880] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 803.215522] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 803.216159] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 803.216741] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 803.217372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 803.218001] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 803.235541] FAULT_INJECTION: forcing a failure. [ 803.235541] name failslab, interval 1, probability 0, space 0, times 0 [ 803.236581] CPU: 0 PID: 6700 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 803.237153] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 803.237845] Call Trace: [ 803.238077] dump_stack+0x107/0x167 [ 803.238388] should_fail.cold+0x5/0xa [ 803.238725] ? create_object.isra.0+0x3a/0xa20 [ 803.239118] should_failslab+0x5/0x20 [ 803.239446] kmem_cache_alloc+0x5b/0x310 [ 803.239813] create_object.isra.0+0x3a/0xa20 [ 803.240187] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 803.240620] kmem_cache_alloc_trace+0x151/0x320 [ 803.241018] ? lockdep_init_map_type+0x2c7/0x780 [ 803.241425] legacy_init_fs_context+0x44/0xe0 [ 803.241809] ? generic_parse_monolithic+0x1f0/0x1f0 [ 803.242231] alloc_fs_context+0x4fd/0x840 [ 803.242588] path_mount+0xaa3/0x2120 [ 803.242912] ? strncpy_from_user+0x9e/0x470 [ 803.243275] ? finish_automount+0xa90/0xa90 [ 803.243664] ? getname_flags.part.0+0x1dd/0x4f0 [ 803.244061] ? _copy_from_user+0xfb/0x1b0 [ 803.244417] __x64_sys_mount+0x282/0x300 [ 803.244767] ? copy_mnt_ns+0xa00/0xa00 [ 803.245100] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 803.245546] ? syscall_enter_from_user_mode+0x1d/0x50 [ 803.245985] do_syscall_64+0x33/0x40 [ 803.246301] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 803.246736] RIP: 0033:0x7ff91eae3b19 [ 803.247054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 803.248627] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 803.249272] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 803.249874] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 803.250473] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 13:59:39 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 6) 13:59:39 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 13:59:39 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:39 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:39 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 13) 13:59:39 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:39 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:39 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 803.251072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 803.251994] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 13:59:39 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1020, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:39 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:39 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1020, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:39 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:54 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 7) 13:59:54 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:54 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 14) 13:59:54 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 13:59:54 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:54 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x10000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:54 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:54 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 817.903195] FAULT_INJECTION: forcing a failure. [ 817.903195] name failslab, interval 1, probability 0, space 0, times 0 [ 817.904428] CPU: 0 PID: 6736 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 817.905141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 817.907360] Call Trace: [ 817.907595] dump_stack+0x107/0x167 [ 817.908013] should_fail.cold+0x5/0xa [ 817.908387] ? v9fs_mount+0x5a/0x8f0 [ 817.908781] should_failslab+0x5/0x20 [ 817.909151] kmem_cache_alloc_trace+0x55/0x320 [ 817.909598] ? v9fs_write_inode+0x60/0x60 [ 817.910061] v9fs_mount+0x5a/0x8f0 [ 817.910437] ? v9fs_write_inode+0x60/0x60 [ 817.910883] legacy_get_tree+0x105/0x220 [ 817.911239] vfs_get_tree+0x8e/0x300 [ 817.911599] path_mount+0x1429/0x2120 [ 817.912035] ? strncpy_from_user+0x9e/0x470 [ 817.912444] ? finish_automount+0xa90/0xa90 [ 817.912925] ? getname_flags.part.0+0x1dd/0x4f0 [ 817.913362] ? _copy_from_user+0xfb/0x1b0 [ 817.913773] __x64_sys_mount+0x282/0x300 [ 817.914163] ? copy_mnt_ns+0xa00/0xa00 [ 817.914568] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 817.915126] ? syscall_enter_from_user_mode+0x1d/0x50 [ 817.915610] do_syscall_64+0x33/0x40 [ 817.916034] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 817.916511] RIP: 0033:0x7ff91eae3b19 [ 817.916934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 817.922807] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 817.923542] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 817.925639] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 817.926399] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 817.927125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 817.927825] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 13:59:54 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x20000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:54 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2010, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 817.938409] cgroup: fork rejected by pids controller in /syz0 [ 817.940129] 9pnet: Insufficient options for proto=fd [ 817.948521] FAULT_INJECTION: forcing a failure. [ 817.948521] name failslab, interval 1, probability 0, space 0, times 0 [ 817.949606] CPU: 0 PID: 6761 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 817.950257] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 817.951161] Call Trace: [ 817.951438] dump_stack+0x107/0x167 [ 817.951806] should_fail.cold+0x5/0xa [ 817.952179] ? getname_flags.part.0+0x50/0x4f0 [ 817.952612] should_failslab+0x5/0x20 [ 817.953027] kmem_cache_alloc+0x5b/0x310 [ 817.953435] getname_flags.part.0+0x50/0x4f0 [ 817.953889] ? _copy_from_user+0xfb/0x1b0 [ 817.954249] user_path_at_empty+0xa1/0x100 [ 817.954674] __x64_sys_mount+0x1e9/0x300 [ 817.955108] ? copy_mnt_ns+0xa00/0xa00 [ 817.955488] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 817.956072] ? syscall_enter_from_user_mode+0x1d/0x50 [ 817.956565] do_syscall_64+0x33/0x40 [ 817.956968] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 817.957450] RIP: 0033:0x7ff4194adb19 [ 817.957916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 817.960039] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 817.960768] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 817.961480] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 817.962191] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 817.962974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 817.963622] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 13:59:54 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xedc0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:54 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2010, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:54 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 13:59:54 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2b99, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:54 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x80000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 818.070486] 9pnet: Insufficient options for proto=fd 13:59:54 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 8) 13:59:54 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 1) 13:59:54 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 818.121248] cgroup: fork rejected by pids controller in /syz7 [ 818.127014] FAULT_INJECTION: forcing a failure. [ 818.127014] name failslab, interval 1, probability 0, space 0, times 0 [ 818.128060] CPU: 0 PID: 6797 Comm: syz-executor.7 Not tainted 5.10.223 #1 [ 818.128631] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 818.129353] Call Trace: [ 818.129598] dump_stack+0x107/0x167 [ 818.129954] should_fail.cold+0x5/0xa [ 818.130283] should_failslab+0x5/0x20 [ 818.130606] __kmalloc_track_caller+0x79/0x370 [ 818.131063] ? strndup_user+0x74/0xe0 [ 818.131388] memdup_user+0x22/0xd0 [ 818.131702] strndup_user+0x74/0xe0 [ 818.132060] __x64_sys_mount+0x133/0x300 [ 818.132401] ? copy_mnt_ns+0xa00/0xa00 [ 818.132734] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.133222] ? syscall_enter_from_user_mode+0x1d/0x50 [ 818.133655] do_syscall_64+0x33/0x40 [ 818.134022] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 818.134451] RIP: 0033:0x7fefe2865b19 [ 818.134618] FAULT_INJECTION: forcing a failure. [ 818.134618] name failslab, interval 1, probability 0, space 0, times 0 [ 818.134763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 818.134777] RSP: 002b:00007fefdfddb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 818.138046] RAX: ffffffffffffffda RBX: 00007fefe2978f60 RCX: 00007fefe2865b19 [ 818.138641] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 818.139276] RBP: 00007fefdfddb1d0 R08: 0000000020000140 R09: 0000000000000000 [ 818.139974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 818.140568] R13: 00007ffee7cc605f R14: 00007fefdfddb300 R15: 0000000000022000 [ 818.141226] CPU: 1 PID: 6801 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 818.141813] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 818.142514] Call Trace: [ 818.142746] dump_stack+0x107/0x167 [ 818.143060] should_fail.cold+0x5/0xa [ 818.143389] ? create_object.isra.0+0x3a/0xa20 [ 818.143796] should_failslab+0x5/0x20 [ 818.144124] kmem_cache_alloc+0x5b/0x310 [ 818.144473] create_object.isra.0+0x3a/0xa20 [ 818.144851] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 818.145285] kmem_cache_alloc+0x159/0x310 [ 818.145644] getname_flags.part.0+0x50/0x4f0 [ 818.146022] ? _copy_from_user+0xfb/0x1b0 [ 818.146375] user_path_at_empty+0xa1/0x100 [ 818.146739] __x64_sys_mount+0x1e9/0x300 [ 818.147085] ? copy_mnt_ns+0xa00/0xa00 [ 818.147421] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.147887] ? syscall_enter_from_user_mode+0x1d/0x50 [ 818.148326] do_syscall_64+0x33/0x40 [ 818.148645] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 818.149080] RIP: 0033:0x7ff4194adb19 [ 818.149397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 818.150949] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 818.151599] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 818.152218] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 818.152824] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 818.153429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 818.154034] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 13:59:54 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 15) 13:59:54 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 13:59:54 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2c99, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 13:59:54 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x20100000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 818.186041] FAULT_INJECTION: forcing a failure. [ 818.186041] name failslab, interval 1, probability 0, space 0, times 0 [ 818.187037] CPU: 1 PID: 6811 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 818.187612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 818.188075] 9pnet: Insufficient options for proto=fd [ 818.188317] Call Trace: [ 818.188334] dump_stack+0x107/0x167 [ 818.188349] should_fail.cold+0x5/0xa [ 818.189624] ? create_object.isra.0+0x3a/0xa20 [ 818.190019] should_failslab+0x5/0x20 [ 818.190342] kmem_cache_alloc+0x5b/0x310 [ 818.190690] ? cred_has_capability.isra.0+0x152/0x2b0 [ 818.191130] create_object.isra.0+0x3a/0xa20 [ 818.191504] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 818.191953] kmem_cache_alloc_trace+0x151/0x320 [ 818.192354] ? v9fs_write_inode+0x60/0x60 [ 818.192710] v9fs_mount+0x5a/0x8f0 [ 818.193017] ? v9fs_write_inode+0x60/0x60 [ 818.193372] legacy_get_tree+0x105/0x220 [ 818.193721] vfs_get_tree+0x8e/0x300 [ 818.194037] path_mount+0x1429/0x2120 [ 818.194367] ? strncpy_from_user+0x9e/0x470 [ 818.194734] ? finish_automount+0xa90/0xa90 [ 818.195102] ? getname_flags.part.0+0x1dd/0x4f0 [ 818.195498] ? _copy_from_user+0xfb/0x1b0 [ 818.195869] __x64_sys_mount+0x282/0x300 [ 818.196214] ? copy_mnt_ns+0xa00/0xa00 [ 818.196554] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.197000] ? syscall_enter_from_user_mode+0x1d/0x50 [ 818.197438] do_syscall_64+0x33/0x40 [ 818.197758] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 818.198191] RIP: 0033:0x7ff91eae3b19 [ 818.198510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 818.200068] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 818.200716] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 818.201316] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 818.201921] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 818.202523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 818.203125] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:00:08 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:08 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:08 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 9) 14:00:08 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 16) 14:00:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 2) 14:00:08 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2d99, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:08 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8cffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:08 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:08 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:08 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 832.284837] FAULT_INJECTION: forcing a failure. [ 832.284837] name failslab, interval 1, probability 0, space 0, times 0 [ 832.286125] CPU: 1 PID: 6834 Comm: syz-executor.7 Not tainted 5.10.223 #1 [ 832.286885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 832.287785] Call Trace: [ 832.288091] dump_stack+0x107/0x167 [ 832.288494] should_fail.cold+0x5/0xa [ 832.288923] ? create_object.isra.0+0x3a/0xa20 [ 832.289427] should_failslab+0x5/0x20 [ 832.289861] kmem_cache_alloc+0x5b/0x310 [ 832.290306] create_object.isra.0+0x3a/0xa20 [ 832.290815] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 832.291367] __kmalloc_track_caller+0x177/0x370 [ 832.291902] ? strndup_user+0x74/0xe0 [ 832.292911] memdup_user+0x22/0xd0 [ 832.293317] strndup_user+0x74/0xe0 [ 832.293782] __x64_sys_mount+0x133/0x300 [ 832.294242] ? copy_mnt_ns+0xa00/0xa00 [ 832.294702] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 832.295295] ? syscall_enter_from_user_mode+0x1d/0x50 [ 832.295904] do_syscall_64+0x33/0x40 [ 832.296341] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 832.296958] RIP: 0033:0x7fefe2865b19 [ 832.297405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 832.299478] RSP: 002b:00007fefdfddb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 832.300255] RAX: ffffffffffffffda RBX: 00007fefe2978f60 RCX: 00007fefe2865b19 [ 832.300936] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 832.301720] RBP: 00007fefdfddb1d0 R08: 0000000020000140 R09: 0000000000000000 [ 832.302467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 832.303123] R13: 00007ffee7cc605f R14: 00007fefdfddb300 R15: 0000000000022000 14:00:08 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2e00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 832.325138] FAULT_INJECTION: forcing a failure. [ 832.325138] name failslab, interval 1, probability 0, space 0, times 0 [ 832.326435] CPU: 1 PID: 6848 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 832.327204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 832.328156] Call Trace: [ 832.328488] dump_stack+0x107/0x167 [ 832.328935] should_fail.cold+0x5/0xa [ 832.329391] ? v9fs_mount+0x5a/0x8f0 [ 832.329845] should_failslab+0x5/0x20 [ 832.330280] kmem_cache_alloc_trace+0x55/0x320 [ 832.330831] ? v9fs_write_inode+0x60/0x60 [ 832.331294] v9fs_mount+0x5a/0x8f0 [ 832.331727] ? v9fs_write_inode+0x60/0x60 [ 832.332214] legacy_get_tree+0x105/0x220 [ 832.332696] vfs_get_tree+0x8e/0x300 [ 832.333140] path_mount+0x1429/0x2120 [ 832.333611] ? strncpy_from_user+0x9e/0x470 [ 832.334123] ? finish_automount+0xa90/0xa90 [ 832.334617] ? getname_flags.part.0+0x1dd/0x4f0 [ 832.335162] ? _copy_from_user+0xfb/0x1b0 [ 832.335655] __x64_sys_mount+0x282/0x300 [ 832.336143] ? copy_mnt_ns+0xa00/0xa00 [ 832.336623] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 832.337211] ? syscall_enter_from_user_mode+0x1d/0x50 [ 832.337821] do_syscall_64+0x33/0x40 [ 832.338232] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 832.338847] RIP: 0033:0x7ff91eae3b19 [ 832.339254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 832.341032] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 832.341748] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 832.342406] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 832.343059] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 832.343728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 832.344378] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 832.371207] FAULT_INJECTION: forcing a failure. [ 832.371207] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 832.373976] CPU: 0 PID: 6855 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 832.375473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 832.377284] Call Trace: [ 832.377867] dump_stack+0x107/0x167 [ 832.378650] should_fail.cold+0x5/0xa [ 832.379477] strncpy_from_user+0x34/0x470 [ 832.380425] getname_flags.part.0+0x95/0x4f0 [ 832.381386] ? _copy_from_user+0xfb/0x1b0 [ 832.382274] user_path_at_empty+0xa1/0x100 [ 832.383199] __x64_sys_mount+0x1e9/0x300 [ 832.384119] ? copy_mnt_ns+0xa00/0xa00 [ 832.384975] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 832.386106] ? syscall_enter_from_user_mode+0x1d/0x50 [ 832.387223] do_syscall_64+0x33/0x40 [ 832.388075] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 832.389191] RIP: 0033:0x7ff4194adb19 [ 832.389987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 832.394047] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 832.395686] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 832.397337] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 832.398903] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 832.400506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 832.402063] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:00:08 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:08 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x7000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:08 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2e99, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:08 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xc0ed0000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:23 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 3) 14:00:23 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2f99, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:23 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 17) 14:00:23 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:23 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf6ffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:23 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:23 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 10) [ 847.356767] FAULT_INJECTION: forcing a failure. [ 847.356767] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 847.361272] FAULT_INJECTION: forcing a failure. [ 847.361272] name failslab, interval 1, probability 0, space 0, times 0 [ 847.365075] CPU: 1 PID: 6906 Comm: syz-executor.7 Not tainted 5.10.223 #1 [ 847.366746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 847.367538] Call Trace: [ 847.367797] dump_stack+0x107/0x167 [ 847.368150] should_fail.cold+0x5/0xa [ 847.368533] _copy_from_user+0x2e/0x1b0 [ 847.368923] memdup_user+0x65/0xd0 [ 847.369279] strndup_user+0x74/0xe0 [ 847.369630] __x64_sys_mount+0x133/0x300 [ 847.370012] ? copy_mnt_ns+0xa00/0xa00 [ 847.370388] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 847.370878] ? syscall_enter_from_user_mode+0x1d/0x50 [ 847.371361] do_syscall_64+0x33/0x40 [ 847.371727] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 847.372220] RIP: 0033:0x7fefe2865b19 [ 847.372587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 847.374351] RSP: 002b:00007fefdfddb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 847.375113] RAX: ffffffffffffffda RBX: 00007fefe2978f60 RCX: 00007fefe2865b19 [ 847.375808] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 847.376490] RBP: 00007fefdfddb1d0 R08: 0000000020000140 R09: 0000000000000000 [ 847.377173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 847.377873] R13: 00007ffee7cc605f R14: 00007fefdfddb300 R15: 0000000000022000 [ 847.378555] CPU: 0 PID: 6900 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 847.379241] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 847.380088] Call Trace: [ 847.380379] dump_stack+0x107/0x167 [ 847.380759] should_fail.cold+0x5/0xa [ 847.381146] ? create_object.isra.0+0x3a/0xa20 [ 847.381630] should_failslab+0x5/0x20 [ 847.382019] kmem_cache_alloc+0x5b/0x310 [ 847.382451] create_object.isra.0+0x3a/0xa20 [ 847.382894] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 847.383422] __kmalloc_track_caller+0x177/0x370 [ 847.383899] ? v9fs_session_init+0xa7/0x1680 [ 847.384358] ? kernel_text_address+0xf2/0x120 [ 847.385313] kstrdup+0x36/0x70 [ 847.385550] FAULT_INJECTION: forcing a failure. [ 847.385550] name failslab, interval 1, probability 0, space 0, times 0 [ 847.385652] v9fs_session_init+0xa7/0x1680 [ 847.387042] ? lock_release+0x680/0x680 [ 847.387420] ? find_held_lock+0x2c/0x110 [ 847.387829] ? kmem_cache_alloc_trace+0x151/0x320 [ 847.388283] ? v9fs_show_options+0x690/0x690 [ 847.388706] ? trace_hardirqs_on+0x5b/0x180 [ 847.389616] ? kasan_unpoison_shadow+0x33/0x50 [ 847.390051] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 847.390515] v9fs_mount+0x79/0x8f0 [ 847.390846] ? v9fs_write_inode+0x60/0x60 [ 847.391245] legacy_get_tree+0x105/0x220 [ 847.391632] vfs_get_tree+0x8e/0x300 [ 847.391979] path_mount+0x1429/0x2120 [ 847.392346] ? strncpy_from_user+0x9e/0x470 [ 847.392745] ? finish_automount+0xa90/0xa90 [ 847.393163] ? getname_flags.part.0+0x1dd/0x4f0 [ 847.393593] ? _copy_from_user+0xfb/0x1b0 [ 847.393979] __x64_sys_mount+0x282/0x300 [ 847.394368] ? copy_mnt_ns+0xa00/0xa00 [ 847.394736] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 847.395227] ? syscall_enter_from_user_mode+0x1d/0x50 [ 847.395708] do_syscall_64+0x33/0x40 [ 847.396055] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 847.396549] RIP: 0033:0x7ff91eae3b19 [ 847.396880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 847.400396] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 847.401122] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 847.401809] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 847.403400] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 847.404988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 847.406564] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 847.408159] CPU: 1 PID: 6903 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 847.409831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 847.411837] Call Trace: [ 847.412495] dump_stack+0x107/0x167 [ 847.413387] should_fail.cold+0x5/0xa [ 847.414314] ? alloc_fs_context+0x57/0x840 [ 847.414757] should_failslab+0x5/0x20 [ 847.415713] kmem_cache_alloc_trace+0x55/0x320 [ 847.416207] alloc_fs_context+0x57/0x840 [ 847.417238] path_mount+0xaa3/0x2120 [ 847.417633] ? strncpy_from_user+0x9e/0x470 [ 847.418712] ? finish_automount+0xa90/0xa90 [ 847.419172] ? getname_flags.part.0+0x1dd/0x4f0 [ 847.420347] ? _copy_from_user+0xfb/0x1b0 [ 847.420790] __x64_sys_mount+0x282/0x300 [ 847.421801] ? copy_mnt_ns+0xa00/0xa00 [ 847.422222] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 847.423521] ? syscall_enter_from_user_mode+0x1d/0x50 [ 847.424073] do_syscall_64+0x33/0x40 [ 847.425018] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 847.425554] RIP: 0033:0x7ff4194adb19 [ 847.426481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 847.428339] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 847.430175] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 847.431871] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 847.433647] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 847.435399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 847.437185] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:00:23 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:23 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3099, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:23 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:23 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xffff0000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 862.688448] FAULT_INJECTION: forcing a failure. [ 862.688448] name failslab, interval 1, probability 0, space 0, times 0 [ 862.689703] CPU: 1 PID: 6965 Comm: syz-executor.7 Not tainted 5.10.223 #1 [ 862.690271] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 862.691044] Call Trace: [ 862.691273] dump_stack+0x107/0x167 [ 862.691634] should_fail.cold+0x5/0xa [ 862.691958] ? copy_mount_options+0x55/0x180 [ 862.692404] should_failslab+0x5/0x20 [ 862.692734] kmem_cache_alloc_trace+0x55/0x320 [ 862.693121] ? _copy_from_user+0xfb/0x1b0 [ 862.693553] copy_mount_options+0x55/0x180 [ 862.693910] __x64_sys_mount+0x1a8/0x300 [ 862.694251] ? copy_mnt_ns+0xa00/0xa00 [ 862.694636] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 862.695077] ? syscall_enter_from_user_mode+0x1d/0x50 [ 862.695563] do_syscall_64+0x33/0x40 [ 862.695878] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 862.696381] RIP: 0033:0x7fefe2865b19 [ 862.696698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 862.698333] RSP: 002b:00007fefdfddb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 862.699036] RAX: ffffffffffffffda RBX: 00007fefe2978f60 RCX: 00007fefe2865b19 14:00:38 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3199, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:38 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 18) 14:00:38 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 11) 14:00:38 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 4) 14:00:38 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:38 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:38 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xffffff8c, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:38 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:38 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:38 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xfffffff6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 862.700158] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 862.700823] RBP: 00007fefdfddb1d0 R08: 0000000020000140 R09: 0000000000000000 [ 862.701469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 862.702066] R13: 00007ffee7cc605f R14: 00007fefdfddb300 R15: 0000000000022000 [ 862.711029] FAULT_INJECTION: forcing a failure. [ 862.711029] name failslab, interval 1, probability 0, space 0, times 0 [ 862.712224] CPU: 1 PID: 6974 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 862.712923] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 862.713800] Call Trace: [ 862.714069] dump_stack+0x107/0x167 [ 862.714519] should_fail.cold+0x5/0xa [ 862.714906] ? create_object.isra.0+0x3a/0xa20 [ 862.715426] should_failslab+0x5/0x20 [ 862.715813] kmem_cache_alloc+0x5b/0x310 [ 862.716236] create_object.isra.0+0x3a/0xa20 [ 862.716663] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 862.717091] kmem_cache_alloc_trace+0x151/0x320 [ 862.717584] alloc_fs_context+0x57/0x840 [ 862.717937] path_mount+0xaa3/0x2120 [ 862.718253] ? strncpy_from_user+0x9e/0x470 [ 862.718928] ? finish_automount+0xa90/0xa90 [ 862.719331] ? getname_flags.part.0+0x1dd/0x4f0 [ 862.719732] ? _copy_from_user+0xfb/0x1b0 [ 862.720085] __x64_sys_mount+0x282/0x300 [ 862.720515] ? copy_mnt_ns+0xa00/0xa00 [ 862.720913] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 862.721517] ? syscall_enter_from_user_mode+0x1d/0x50 [ 862.722025] do_syscall_64+0x33/0x40 [ 862.722455] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 862.722964] RIP: 0033:0x7ff4194adb19 [ 862.723380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 862.725096] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 862.725803] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 862.726448] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 862.727049] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 862.727692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 862.728354] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 862.729465] FAULT_INJECTION: forcing a failure. [ 862.729465] name failslab, interval 1, probability 0, space 0, times 0 [ 862.730465] CPU: 1 PID: 6970 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 862.731030] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 862.731762] Call Trace: [ 862.731985] dump_stack+0x107/0x167 [ 862.732376] should_fail.cold+0x5/0xa [ 862.732774] should_failslab+0x5/0x20 [ 862.733159] __kmalloc_track_caller+0x79/0x370 [ 862.733705] ? v9fs_session_init+0xe9/0x1680 [ 862.734153] ? kernel_text_address+0xf2/0x120 [ 862.734671] kstrdup+0x36/0x70 [ 862.735001] v9fs_session_init+0xe9/0x1680 [ 862.735484] ? lock_release+0x680/0x680 [ 862.735886] ? find_held_lock+0x2c/0x110 [ 862.736368] ? kmem_cache_alloc_trace+0x151/0x320 [ 862.736867] ? v9fs_show_options+0x690/0x690 [ 862.737401] ? trace_hardirqs_on+0x5b/0x180 [ 862.737845] ? kasan_unpoison_shadow+0x33/0x50 [ 862.738367] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 862.738887] v9fs_mount+0x79/0x8f0 [ 862.739249] ? v9fs_write_inode+0x60/0x60 [ 862.739725] legacy_get_tree+0x105/0x220 [ 862.740139] vfs_get_tree+0x8e/0x300 [ 862.740568] path_mount+0x1429/0x2120 [ 862.740891] ? strncpy_from_user+0x9e/0x470 [ 862.741253] ? finish_automount+0xa90/0xa90 [ 862.741690] ? getname_flags.part.0+0x1dd/0x4f0 [ 862.742080] ? _copy_from_user+0xfb/0x1b0 [ 862.742487] __x64_sys_mount+0x282/0x300 [ 862.742833] ? copy_mnt_ns+0xa00/0xa00 [ 862.743162] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 862.743655] ? syscall_enter_from_user_mode+0x1d/0x50 [ 862.744090] do_syscall_64+0x33/0x40 [ 862.744487] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 862.744914] RIP: 0033:0x7ff91eae3b19 [ 862.745226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 862.746867] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 862.747549] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 862.748143] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 862.748881] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 862.749683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 14:00:38 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3299, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 862.750459] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:00:38 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:39 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:39 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:39 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3399, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:39 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x10000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:39 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 5) [ 862.896235] FAULT_INJECTION: forcing a failure. [ 862.896235] name failslab, interval 1, probability 0, space 0, times 0 [ 862.897375] CPU: 0 PID: 7006 Comm: syz-executor.7 Not tainted 5.10.223 #1 [ 862.898053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 862.898877] Call Trace: [ 862.899144] dump_stack+0x107/0x167 [ 862.899513] should_fail.cold+0x5/0xa [ 862.899911] ? create_object.isra.0+0x3a/0xa20 [ 862.900378] should_failslab+0x5/0x20 [ 862.900799] kmem_cache_alloc+0x5b/0x310 [ 862.901222] create_object.isra.0+0x3a/0xa20 [ 862.901676] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 862.902270] kmem_cache_alloc_trace+0x151/0x320 [ 862.902741] ? _copy_from_user+0xfb/0x1b0 [ 862.903173] copy_mount_options+0x55/0x180 [ 862.903623] __x64_sys_mount+0x1a8/0x300 [ 862.904039] ? copy_mnt_ns+0xa00/0xa00 [ 862.904440] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 862.904972] ? syscall_enter_from_user_mode+0x1d/0x50 [ 862.905486] do_syscall_64+0x33/0x40 [ 862.905870] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 862.906381] RIP: 0033:0x7fefe2865b19 [ 862.906776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 862.908613] RSP: 002b:00007fefdfddb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 862.909399] RAX: ffffffffffffffda RBX: 00007fefe2978f60 RCX: 00007fefe2865b19 [ 862.910111] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 862.910849] RBP: 00007fefdfddb1d0 R08: 0000000020000140 R09: 0000000000000000 [ 862.911577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 862.912303] R13: 00007ffee7cc605f R14: 00007fefdfddb300 R15: 0000000000022000 14:00:52 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 19) 14:00:52 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xedc000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:52 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0) 14:00:52 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 6) 14:00:52 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 12) 14:00:52 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:52 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3499, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:52 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x20000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 876.595542] FAULT_INJECTION: forcing a failure. [ 876.595542] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 876.596692] CPU: 0 PID: 7030 Comm: syz-executor.7 Not tainted 5.10.223 #1 [ 876.597303] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 876.598043] Call Trace: [ 876.598309] dump_stack+0x107/0x167 [ 876.598650] should_fail.cold+0x5/0xa [ 876.599009] _copy_from_user+0x2e/0x1b0 [ 876.599385] copy_mount_options+0x76/0x180 [ 876.599776] __x64_sys_mount+0x1a8/0x300 [ 876.600152] ? copy_mnt_ns+0xa00/0xa00 [ 876.600537] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 876.601015] ? syscall_enter_from_user_mode+0x1d/0x50 [ 876.601492] do_syscall_64+0x33/0x40 [ 876.601835] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 876.602299] RIP: 0033:0x7fefe2865b19 [ 876.602646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 876.604316] RSP: 002b:00007fefdfddb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 876.605043] RAX: ffffffffffffffda RBX: 00007fefe2978f60 RCX: 00007fefe2865b19 [ 876.605703] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 876.606359] RBP: 00007fefdfddb1d0 R08: 0000000020000140 R09: 0000000000000000 [ 876.607013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 876.607673] R13: 00007ffee7cc605f R14: 00007fefdfddb300 R15: 0000000000022000 [ 876.611362] FAULT_INJECTION: forcing a failure. 14:00:52 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 876.611362] name failslab, interval 1, probability 0, space 0, times 0 [ 876.612551] CPU: 1 PID: 7046 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 876.613142] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 876.614067] Call Trace: [ 876.614300] dump_stack+0x107/0x167 [ 876.614613] should_fail.cold+0x5/0xa [ 876.615070] ? create_object.isra.0+0x3a/0xa20 [ 876.615463] should_failslab+0x5/0x20 [ 876.615786] kmem_cache_alloc+0x5b/0x310 14:00:52 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3599, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 876.616199] create_object.isra.0+0x3a/0xa20 [ 876.616590] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 876.617063] __kmalloc_track_caller+0x177/0x370 [ 876.617472] ? v9fs_session_init+0xe9/0x1680 [ 876.617889] ? kernel_text_address+0xf2/0x120 [ 876.618289] kstrdup+0x36/0x70 [ 876.618565] v9fs_session_init+0xe9/0x1680 [ 876.618998] ? lock_release+0x680/0x680 [ 876.619494] ? find_held_lock+0x2c/0x110 [ 876.619895] ? kmem_cache_alloc_trace+0x151/0x320 [ 876.620316] ? v9fs_show_options+0x690/0x690 [ 876.620716] ? trace_hardirqs_on+0x5b/0x180 [ 876.621126] ? kasan_unpoison_shadow+0x33/0x50 [ 876.621531] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 876.622007] v9fs_mount+0x79/0x8f0 [ 876.622311] ? v9fs_write_inode+0x60/0x60 [ 876.622683] legacy_get_tree+0x105/0x220 [ 876.623097] vfs_get_tree+0x8e/0x300 [ 876.623422] path_mount+0x1429/0x2120 [ 876.623772] ? strncpy_from_user+0x9e/0x470 [ 876.624194] ? finish_automount+0xa90/0xa90 [ 876.624602] ? getname_flags.part.0+0x1dd/0x4f0 [ 876.625050] ? _copy_from_user+0xfb/0x1b0 [ 876.625417] __x64_sys_mount+0x282/0x300 [ 876.625784] ? copy_mnt_ns+0xa00/0xa00 [ 876.626164] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 876.626702] ? syscall_enter_from_user_mode+0x1d/0x50 [ 876.627193] do_syscall_64+0x33/0x40 [ 876.627516] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 876.628029] RIP: 0033:0x7ff91eae3b19 [ 876.628357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 876.629998] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 876.630641] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 876.631295] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 876.631981] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 876.632598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 876.633253] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 876.644652] FAULT_INJECTION: forcing a failure. [ 876.644652] name failslab, interval 1, probability 0, space 0, times 0 [ 876.645793] CPU: 0 PID: 7032 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 876.646416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 876.647201] Call Trace: [ 876.647463] dump_stack+0x107/0x167 [ 876.647807] should_fail.cold+0x5/0xa [ 876.648166] ? memcg_alloc_page_obj_cgroups+0x73/0x100 [ 876.648671] ? memcg_alloc_page_obj_cgroups+0x73/0x100 [ 876.649163] should_failslab+0x5/0x20 [ 876.649523] __kmalloc_node+0x76/0x420 [ 876.649894] ? lock_downgrade+0x6d0/0x6d0 [ 876.650281] memcg_alloc_page_obj_cgroups+0x73/0x100 [ 876.650760] memcg_slab_post_alloc_hook+0x1f0/0x430 [ 876.651224] ? trace_hardirqs_on+0x5b/0x180 [ 876.651635] kmem_cache_alloc_trace+0x169/0x320 [ 876.652086] alloc_fs_context+0x57/0x840 [ 876.652482] path_mount+0xaa3/0x2120 [ 876.652840] ? strncpy_from_user+0x9e/0x470 [ 876.653246] ? finish_automount+0xa90/0xa90 [ 876.653650] ? getname_flags.part.0+0x1dd/0x4f0 [ 876.654086] ? _copy_from_user+0xfb/0x1b0 [ 876.654478] __x64_sys_mount+0x282/0x300 [ 876.654855] ? copy_mnt_ns+0xa00/0xa00 [ 876.655223] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 876.655711] ? syscall_enter_from_user_mode+0x1d/0x50 [ 876.656197] do_syscall_64+0x33/0x40 [ 876.656568] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 876.657044] RIP: 0033:0x7ff4194adb19 [ 876.657396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 876.659080] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 876.659791] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 876.660467] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 876.661120] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 876.661774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 876.662433] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:00:52 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0) 14:00:52 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:52 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3699, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:52 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0) 14:00:52 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:00:52 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x100000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:07 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3799, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:07 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) 14:01:07 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x20100000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:07 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 13) 14:01:07 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 891.756382] FAULT_INJECTION: forcing a failure. [ 891.756382] name failslab, interval 1, probability 0, space 0, times 0 [ 891.757440] CPU: 0 PID: 7099 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 891.758028] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 891.758796] Call Trace: [ 891.759041] dump_stack+0x107/0x167 [ 891.759398] should_fail.cold+0x5/0xa [ 891.759728] ? create_object.isra.0+0x3a/0xa20 [ 891.760130] should_failslab+0x5/0x20 [ 891.760511] kmem_cache_alloc+0x5b/0x310 [ 891.760866] ? create_object.isra.0+0x3ad/0xa20 [ 891.761272] create_object.isra.0+0x3a/0xa20 [ 891.761721] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 891.762164] __kmalloc_node+0x1ae/0x420 [ 891.762554] memcg_alloc_page_obj_cgroups+0x73/0x100 [ 891.762984] memcg_slab_post_alloc_hook+0x1f0/0x430 [ 891.763461] ? trace_hardirqs_on+0x5b/0x180 [ 891.763830] kmem_cache_alloc_trace+0x169/0x320 [ 891.764243] alloc_fs_context+0x57/0x840 [ 891.764657] path_mount+0xaa3/0x2120 [ 891.764981] ? strncpy_from_user+0x9e/0x470 [ 891.765148] FAULT_INJECTION: forcing a failure. [ 891.765148] name failslab, interval 1, probability 0, space 0, times 0 [ 891.765405] ? finish_automount+0xa90/0xa90 [ 891.765419] ? getname_flags.part.0+0x1dd/0x4f0 [ 891.765437] ? _copy_from_user+0xfb/0x1b0 [ 891.767588] __x64_sys_mount+0x282/0x300 [ 891.767939] ? copy_mnt_ns+0xa00/0xa00 [ 891.768316] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 891.768790] ? syscall_enter_from_user_mode+0x1d/0x50 [ 891.769226] do_syscall_64+0x33/0x40 [ 891.769603] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 891.770033] RIP: 0033:0x7ff4194adb19 [ 891.770417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 891.772006] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 891.772729] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 891.773440] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 891.774050] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 891.774739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 891.775624] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 891.776252] CPU: 1 PID: 7112 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 891.776939] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 891.777241] 9pnet: Insufficient options for proto=fd [ 891.777633] Call Trace: [ 891.777653] dump_stack+0x107/0x167 [ 891.777669] should_fail.cold+0x5/0xa [ 891.778936] ? p9_client_create+0xaf/0x11c0 [ 891.779304] should_failslab+0x5/0x20 [ 891.779632] kmem_cache_alloc_trace+0x55/0x320 [ 891.780099] ? find_held_lock+0x2c/0x110 14:01:07 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 7) 14:01:07 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x200000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:07 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 20) [ 891.780445] p9_client_create+0xaf/0x11c0 [ 891.780834] ? lock_downgrade+0x6d0/0x6d0 [ 891.781399] ? p9_client_flush+0x430/0x430 [ 891.781764] ? trace_hardirqs_on+0x5b/0x180 [ 891.782202] ? lockdep_init_map_type+0x2c7/0x780 [ 891.782612] ? __raw_spin_lock_init+0x36/0x110 [ 891.783005] v9fs_session_init+0x1dd/0x1680 [ 891.783370] ? lock_release+0x680/0x680 [ 891.783799] ? kmem_cache_alloc_trace+0x151/0x320 [ 891.784206] ? v9fs_show_options+0x690/0x690 [ 891.784597] ? trace_hardirqs_on+0x5b/0x180 [ 891.784968] ? kasan_unpoison_shadow+0x33/0x50 [ 891.785359] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 891.785796] v9fs_mount+0x79/0x8f0 [ 891.786098] ? v9fs_write_inode+0x60/0x60 [ 891.786451] legacy_get_tree+0x105/0x220 [ 891.786804] vfs_get_tree+0x8e/0x300 [ 891.787119] path_mount+0x1429/0x2120 [ 891.787447] ? strncpy_from_user+0x9e/0x470 [ 891.787901] ? finish_automount+0xa90/0xa90 [ 891.788265] ? getname_flags.part.0+0x1dd/0x4f0 [ 891.788679] ? _copy_from_user+0xfb/0x1b0 [ 891.789036] __x64_sys_mount+0x282/0x300 [ 891.789378] ? copy_mnt_ns+0xa00/0xa00 [ 891.789714] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 891.790168] ? syscall_enter_from_user_mode+0x1d/0x50 [ 891.790619] do_syscall_64+0x33/0x40 [ 891.790943] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 891.791385] RIP: 0033:0x7ff91eae3b19 [ 891.791798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 891.793395] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 891.794055] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 891.794661] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 891.795030] FAULT_INJECTION: forcing a failure. [ 891.795030] name failslab, interval 1, probability 0, space 0, times 0 [ 891.795257] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 891.795275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 891.797418] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 891.798027] CPU: 0 PID: 7117 Comm: syz-executor.7 Not tainted 5.10.223 #1 [ 891.798681] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 891.799431] Call Trace: [ 891.799661] dump_stack+0x107/0x167 [ 891.799969] should_fail.cold+0x5/0xa [ 891.800358] ? getname_flags.part.0+0x50/0x4f0 [ 891.800760] should_failslab+0x5/0x20 [ 891.801088] kmem_cache_alloc+0x5b/0x310 [ 891.801492] getname_flags.part.0+0x50/0x4f0 [ 891.801864] ? _copy_from_user+0xfb/0x1b0 [ 891.803571] user_path_at_empty+0xa1/0x100 [ 891.803931] __x64_sys_mount+0x1e9/0x300 [ 891.804272] ? copy_mnt_ns+0xa00/0xa00 [ 891.804683] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 891.805124] ? syscall_enter_from_user_mode+0x1d/0x50 [ 891.805619] do_syscall_64+0x33/0x40 [ 891.805934] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 891.806408] RIP: 0033:0x7fefe2865b19 [ 891.806737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 891.808401] RSP: 002b:00007fefdfddb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 891.809068] RAX: ffffffffffffffda RBX: 00007fefe2978f60 RCX: 00007fefe2865b19 [ 891.809711] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 891.810360] RBP: 00007fefdfddb1d0 R08: 0000000020000140 R09: 0000000000000000 [ 891.810970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 891.811614] R13: 00007ffee7cc605f R14: 00007fefdfddb300 R15: 0000000000022000 14:01:08 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x700000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:08 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) 14:01:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 8) 14:01:08 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3899, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 891.895120] 9pnet: Insufficient options for proto=fd [ 891.919717] FAULT_INJECTION: forcing a failure. [ 891.919717] name failslab, interval 1, probability 0, space 0, times 0 [ 891.920834] CPU: 1 PID: 7133 Comm: syz-executor.7 Not tainted 5.10.223 #1 [ 891.921401] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 891.922130] Call Trace: [ 891.922364] dump_stack+0x107/0x167 [ 891.922733] should_fail.cold+0x5/0xa [ 891.923077] ? create_object.isra.0+0x3a/0xa20 [ 891.923477] should_failslab+0x5/0x20 [ 891.923871] kmem_cache_alloc+0x5b/0x310 [ 891.924229] create_object.isra.0+0x3a/0xa20 [ 891.924637] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 891.925142] kmem_cache_alloc+0x159/0x310 [ 891.925504] getname_flags.part.0+0x50/0x4f0 [ 891.925935] ? _copy_from_user+0xfb/0x1b0 [ 891.926295] user_path_at_empty+0xa1/0x100 [ 891.926704] __x64_sys_mount+0x1e9/0x300 [ 891.927066] ? copy_mnt_ns+0xa00/0xa00 [ 891.927408] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 891.927914] ? syscall_enter_from_user_mode+0x1d/0x50 [ 891.928362] do_syscall_64+0x33/0x40 [ 891.928776] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 891.929212] RIP: 0033:0x7fefe2865b19 [ 891.929542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 891.931190] RSP: 002b:00007fefdfddb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 891.931896] RAX: ffffffffffffffda RBX: 00007fefe2978f60 RCX: 00007fefe2865b19 [ 891.932517] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 891.933175] RBP: 00007fefdfddb1d0 R08: 0000000020000140 R09: 0000000000000000 [ 891.933855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 891.934473] R13: 00007ffee7cc605f R14: 00007fefdfddb300 R15: 0000000000022000 14:01:08 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x800000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:08 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) 14:01:08 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3f00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:08 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 14) 14:01:08 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8cffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 892.001703] FAULT_INJECTION: forcing a failure. [ 892.001703] name failslab, interval 1, probability 0, space 0, times 0 [ 892.002767] CPU: 0 PID: 7149 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 892.003349] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 892.004039] Call Trace: [ 892.004284] dump_stack+0x107/0x167 [ 892.004613] should_fail.cold+0x5/0xa [ 892.004940] ? v9fs_mount+0x5a/0x8f0 [ 892.005266] should_failslab+0x5/0x20 [ 892.005598] kmem_cache_alloc_trace+0x55/0x320 [ 892.005984] ? v9fs_write_inode+0x60/0x60 [ 892.006348] v9fs_mount+0x5a/0x8f0 [ 892.006653] ? v9fs_write_inode+0x60/0x60 [ 892.007003] legacy_get_tree+0x105/0x220 [ 892.007137] 9pnet: Insufficient options for proto=fd [ 892.007345] vfs_get_tree+0x8e/0x300 [ 892.007357] path_mount+0x1429/0x2120 [ 892.007382] ? strncpy_from_user+0x9e/0x470 [ 892.008895] ? finish_automount+0xa90/0xa90 [ 892.009262] ? getname_flags.part.0+0x1dd/0x4f0 [ 892.009671] ? _copy_from_user+0xfb/0x1b0 [ 892.010033] __x64_sys_mount+0x282/0x300 [ 892.010375] ? copy_mnt_ns+0xa00/0xa00 [ 892.010720] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 892.011160] ? syscall_enter_from_user_mode+0x1d/0x50 [ 892.011594] do_syscall_64+0x33/0x40 [ 892.011920] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 892.012349] RIP: 0033:0x7ff4194adb19 [ 892.012681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 892.014226] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 892.014879] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 892.015475] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 892.016084] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 892.016695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 892.017307] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:01:22 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x900000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:22 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 15) 14:01:22 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 9) 14:01:22 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) [ 905.844718] FAULT_INJECTION: forcing a failure. [ 905.844718] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 905.845828] CPU: 0 PID: 7172 Comm: syz-executor.7 Not tainted 5.10.223 #1 [ 905.846396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 905.847093] Call Trace: [ 905.847344] dump_stack+0x107/0x167 [ 905.847658] should_fail.cold+0x5/0xa [ 905.847988] strncpy_from_user+0x34/0x470 [ 905.848347] getname_flags.part.0+0x95/0x4f0 [ 905.848736] ? _copy_from_user+0xfb/0x1b0 [ 905.849096] user_path_at_empty+0xa1/0x100 [ 905.849458] __x64_sys_mount+0x1e9/0x300 [ 905.849804] ? copy_mnt_ns+0xa00/0xa00 [ 905.850140] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 905.850606] ? syscall_enter_from_user_mode+0x1d/0x50 [ 905.851043] do_syscall_64+0x33/0x40 [ 905.851361] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 905.851800] FAULT_INJECTION: forcing a failure. [ 905.851800] name failslab, interval 1, probability 0, space 0, times 0 [ 905.852736] RIP: 0033:0x7fefe2865b19 [ 905.853060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 905.854606] RSP: 002b:00007fefdfddb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 905.855249] RAX: ffffffffffffffda RBX: 00007fefe2978f60 RCX: 00007fefe2865b19 [ 905.855849] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 905.856451] RBP: 00007fefdfddb1d0 R08: 0000000020000140 R09: 0000000000000000 [ 905.857069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 905.857669] R13: 00007ffee7cc605f R14: 00007fefdfddb300 R15: 0000000000022000 [ 905.858288] CPU: 1 PID: 7168 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 905.858930] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 905.859630] Call Trace: [ 905.859863] dump_stack+0x107/0x167 [ 905.860175] should_fail.cold+0x5/0xa [ 905.860505] ? create_object.isra.0+0x3a/0xa20 [ 905.860917] should_failslab+0x5/0x20 [ 905.861242] kmem_cache_alloc+0x5b/0x310 [ 905.861592] ? cred_has_capability.isra.0+0x152/0x2b0 [ 905.862030] create_object.isra.0+0x3a/0xa20 [ 905.862404] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 905.862838] kmem_cache_alloc_trace+0x151/0x320 [ 905.863237] ? v9fs_write_inode+0x60/0x60 [ 905.863592] v9fs_mount+0x5a/0x8f0 [ 905.863896] ? v9fs_write_inode+0x60/0x60 [ 905.864252] legacy_get_tree+0x105/0x220 14:01:22 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xc0ed0000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:22 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 21) 14:01:22 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:22 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 905.864600] vfs_get_tree+0x8e/0x300 [ 905.864940] path_mount+0x1429/0x2120 [ 905.865269] ? strncpy_from_user+0x9e/0x470 [ 905.865640] ? finish_automount+0xa90/0xa90 [ 905.866008] ? getname_flags.part.0+0x1dd/0x4f0 [ 905.866404] ? _copy_from_user+0xfb/0x1b0 [ 905.866762] __x64_sys_mount+0x282/0x300 [ 905.867112] ? copy_mnt_ns+0xa00/0xa00 [ 905.867449] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 905.867902] ? syscall_enter_from_user_mode+0x1d/0x50 [ 905.877020] do_syscall_64+0x33/0x40 [ 905.877338] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 905.877770] RIP: 0033:0x7ff4194adb19 [ 905.878082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 905.879624] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 905.880261] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 905.880871] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 905.881467] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 905.882064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 905.882660] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 905.890012] 9pnet: Insufficient options for proto=fd [ 905.903373] FAULT_INJECTION: forcing a failure. [ 905.903373] name failslab, interval 1, probability 0, space 0, times 0 [ 905.904449] CPU: 0 PID: 7191 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 905.905054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 905.905774] Call Trace: [ 905.906010] dump_stack+0x107/0x167 [ 905.906324] should_fail.cold+0x5/0xa [ 905.906656] ? create_object.isra.0+0x3a/0xa20 [ 905.907050] should_failslab+0x5/0x20 [ 905.907380] kmem_cache_alloc+0x5b/0x310 [ 905.907739] ? kernel_text_address+0xf2/0x120 [ 905.908127] create_object.isra.0+0x3a/0xa20 [ 905.908512] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 905.908968] kmem_cache_alloc_trace+0x151/0x320 [ 905.909377] ? find_held_lock+0x2c/0x110 [ 905.909731] p9_client_create+0xaf/0x11c0 [ 905.910088] ? lock_downgrade+0x6d0/0x6d0 [ 905.910449] ? p9_client_flush+0x430/0x430 [ 905.910814] ? trace_hardirqs_on+0x5b/0x180 [ 905.911184] ? lockdep_init_map_type+0x2c7/0x780 [ 905.911596] ? __raw_spin_lock_init+0x36/0x110 [ 905.911993] v9fs_session_init+0x1dd/0x1680 [ 905.912363] ? lock_release+0x680/0x680 [ 905.912724] ? kmem_cache_alloc_trace+0x151/0x320 [ 905.913138] ? v9fs_show_options+0x690/0x690 [ 905.913522] ? trace_hardirqs_on+0x5b/0x180 [ 905.913892] ? kasan_unpoison_shadow+0x33/0x50 [ 905.914286] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 905.914730] v9fs_mount+0x79/0x8f0 [ 905.915037] ? v9fs_write_inode+0x60/0x60 [ 905.915397] legacy_get_tree+0x105/0x220 [ 905.915747] vfs_get_tree+0x8e/0x300 [ 905.916065] path_mount+0x1429/0x2120 [ 905.916396] ? strncpy_from_user+0x9e/0x470 [ 905.916785] ? finish_automount+0xa90/0xa90 [ 905.917155] ? getname_flags.part.0+0x1dd/0x4f0 [ 905.917554] ? _copy_from_user+0xfb/0x1b0 [ 905.917915] __x64_sys_mount+0x282/0x300 [ 905.918260] ? copy_mnt_ns+0xa00/0xa00 [ 905.918597] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 905.919047] ? syscall_enter_from_user_mode+0x1d/0x50 [ 905.919486] do_syscall_64+0x33/0x40 [ 905.919808] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 905.920245] RIP: 0033:0x7ff91eae3b19 [ 905.920567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 905.922137] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 905.922784] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 905.923389] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 905.923994] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 905.924603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 905.925220] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:01:22 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4084, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:22 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa00000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:22 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 14:01:22 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x6000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:22 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf6ffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:22 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 10) [ 906.017419] 9pnet: Insufficient options for proto=fd 14:01:22 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb00000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:22 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 16) [ 906.044368] FAULT_INJECTION: forcing a failure. [ 906.044368] name failslab, interval 1, probability 0, space 0, times 0 [ 906.045391] CPU: 0 PID: 7217 Comm: syz-executor.7 Not tainted 5.10.223 #1 [ 906.045973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 906.046675] Call Trace: [ 906.046912] dump_stack+0x107/0x167 [ 906.047234] should_fail.cold+0x5/0xa [ 906.047573] ? alloc_fs_context+0x57/0x840 [ 906.047944] should_failslab+0x5/0x20 [ 906.048281] kmem_cache_alloc_trace+0x55/0x320 [ 906.048689] alloc_fs_context+0x57/0x840 [ 906.049049] path_mount+0xaa3/0x2120 [ 906.049377] ? strncpy_from_user+0x9e/0x470 [ 906.049747] ? finish_automount+0xa90/0xa90 [ 906.050119] ? getname_flags.part.0+0x1dd/0x4f0 [ 906.050519] ? _copy_from_user+0xfb/0x1b0 [ 906.050878] __x64_sys_mount+0x282/0x300 [ 906.051224] ? copy_mnt_ns+0xa00/0xa00 [ 906.051566] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 906.052017] ? syscall_enter_from_user_mode+0x1d/0x50 [ 906.052462] do_syscall_64+0x33/0x40 [ 906.052805] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 906.053242] RIP: 0033:0x7fefe2865b19 [ 906.053564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 906.055122] RSP: 002b:00007fefdfddb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 906.055773] RAX: ffffffffffffffda RBX: 00007fefe2978f60 RCX: 00007fefe2865b19 [ 906.056380] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 906.056996] RBP: 00007fefdfddb1d0 R08: 0000000020000140 R09: 0000000000000000 [ 906.057602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 906.058203] R13: 00007ffee7cc605f R14: 00007fefdfddb300 R15: 0000000000022000 14:01:22 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xffff0000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 906.097015] FAULT_INJECTION: forcing a failure. [ 906.097015] name failslab, interval 1, probability 0, space 0, times 0 [ 906.098050] CPU: 1 PID: 7226 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 906.098620] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 906.099310] Call Trace: [ 906.099543] dump_stack+0x107/0x167 [ 906.099857] should_fail.cold+0x5/0xa [ 906.100186] should_failslab+0x5/0x20 [ 906.100514] __kmalloc_track_caller+0x79/0x370 [ 906.100920] ? v9fs_session_init+0xa7/0x1680 [ 906.101292] ? kernel_text_address+0xf2/0x120 [ 906.101677] kstrdup+0x36/0x70 [ 906.101951] v9fs_session_init+0xa7/0x1680 [ 906.102310] ? lock_release+0x680/0x680 [ 906.102648] ? find_held_lock+0x2c/0x110 [ 906.102999] ? kmem_cache_alloc_trace+0x151/0x320 [ 906.103404] ? v9fs_show_options+0x690/0x690 [ 906.103789] ? trace_hardirqs_on+0x5b/0x180 [ 906.104156] ? kasan_unpoison_shadow+0x33/0x50 [ 906.104546] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 906.104995] v9fs_mount+0x79/0x8f0 [ 906.105300] ? v9fs_write_inode+0x60/0x60 [ 906.105659] legacy_get_tree+0x105/0x220 [ 906.106003] vfs_get_tree+0x8e/0x300 [ 906.106318] path_mount+0x1429/0x2120 [ 906.106647] ? strncpy_from_user+0x9e/0x470 [ 906.107013] ? finish_automount+0xa90/0xa90 [ 906.107378] ? getname_flags.part.0+0x1dd/0x4f0 [ 906.107782] ? _copy_from_user+0xfb/0x1b0 [ 906.108137] __x64_sys_mount+0x282/0x300 [ 906.108481] ? copy_mnt_ns+0xa00/0xa00 [ 906.108831] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 906.109275] ? syscall_enter_from_user_mode+0x1d/0x50 [ 906.109714] do_syscall_64+0x33/0x40 [ 906.110033] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 906.110465] RIP: 0033:0x7ff4194adb19 [ 906.110781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 906.112315] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 906.112982] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 906.113588] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 906.114189] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 906.114788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 906.115389] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 919.932325] FAULT_INJECTION: forcing a failure. [ 919.932325] name failslab, interval 1, probability 0, space 0, times 0 [ 919.936994] FAULT_INJECTION: forcing a failure. [ 919.936994] name failslab, interval 1, probability 0, space 0, times 0 [ 919.949520] CPU: 0 PID: 7249 Comm: syz-executor.7 Not tainted 5.10.223 #1 [ 919.949526] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 919.949530] Call Trace: [ 919.949547] dump_stack+0x107/0x167 [ 919.949560] should_fail.cold+0x5/0xa [ 919.949574] ? create_object.isra.0+0x3a/0xa20 [ 919.949587] should_failslab+0x5/0x20 [ 919.949599] kmem_cache_alloc+0x5b/0x310 [ 919.949613] create_object.isra.0+0x3a/0xa20 [ 919.949624] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 919.949638] kmem_cache_alloc_trace+0x151/0x320 [ 919.949654] alloc_fs_context+0x57/0x840 [ 919.949669] path_mount+0xaa3/0x2120 [ 919.949684] ? strncpy_from_user+0x9e/0x470 14:01:36 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8600, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:36 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 17) 14:01:36 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 11) 14:01:36 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xffffff8c, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:36 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 22) 14:01:36 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 14:01:36 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1000000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 919.949694] ? finish_automount+0xa90/0xa90 [ 919.949705] ? getname_flags.part.0+0x1dd/0x4f0 [ 919.949716] ? _copy_from_user+0xfb/0x1b0 [ 919.949731] __x64_sys_mount+0x282/0x300 [ 919.949740] ? copy_mnt_ns+0xa00/0xa00 14:01:36 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xfffffff6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:36 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:36 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2000000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 919.949755] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 919.949767] ? syscall_enter_from_user_mode+0x1d/0x50 [ 919.949779] do_syscall_64+0x33/0x40 [ 919.949790] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 919.949798] RIP: 0033:0x7fefe2865b19 [ 919.949808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 919.949814] RSP: 002b:00007fefdfddb188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 919.949827] RAX: ffffffffffffffda RBX: 00007fefe2978f60 RCX: 00007fefe2865b19 [ 919.949833] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 919.949839] RBP: 00007fefdfddb1d0 R08: 0000000020000140 R09: 0000000000000000 [ 919.949845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 919.949852] R13: 00007ffee7cc605f R14: 00007fefdfddb300 R15: 0000000000022000 [ 919.992586] CPU: 1 PID: 7254 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 919.993227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 919.993997] Call Trace: [ 919.994250] dump_stack+0x107/0x167 [ 919.994595] should_fail.cold+0x5/0xa [ 919.994951] ? create_object.isra.0+0x3a/0xa20 [ 919.995371] should_failslab+0x5/0x20 [ 919.995723] kmem_cache_alloc+0x5b/0x310 [ 919.996102] create_object.isra.0+0x3a/0xa20 [ 919.996513] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 919.996997] __kmalloc_track_caller+0x177/0x370 [ 919.997431] ? v9fs_session_init+0xa7/0x1680 [ 919.997848] ? kernel_text_address+0xf2/0x120 [ 919.998257] kstrdup+0x36/0x70 [ 919.998530] v9fs_session_init+0xa7/0x1680 [ 919.998886] ? lock_release+0x680/0x680 [ 919.999220] ? find_held_lock+0x2c/0x110 [ 919.999566] ? kmem_cache_alloc_trace+0x151/0x320 [ 920.000004] ? v9fs_show_options+0x690/0x690 [ 920.000425] ? trace_hardirqs_on+0x5b/0x180 [ 920.000848] ? kasan_unpoison_shadow+0x33/0x50 [ 920.001276] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 920.001746] v9fs_mount+0x79/0x8f0 [ 920.002077] ? v9fs_write_inode+0x60/0x60 [ 920.002446] legacy_get_tree+0x105/0x220 [ 920.002814] vfs_get_tree+0x8e/0x300 [ 920.003166] path_mount+0x1429/0x2120 [ 920.003513] ? strncpy_from_user+0x9e/0x470 [ 920.009114] ? finish_automount+0xa90/0xa90 [ 920.009514] ? getname_flags.part.0+0x1dd/0x4f0 [ 920.009943] ? _copy_from_user+0xfb/0x1b0 [ 920.017182] __x64_sys_mount+0x282/0x300 [ 920.017560] ? copy_mnt_ns+0xa00/0xa00 [ 920.017935] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 920.025137] ? syscall_enter_from_user_mode+0x1d/0x50 [ 920.025616] do_syscall_64+0x33/0x40 [ 920.025979] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 920.026450] RIP: 0033:0x7ff4194adb19 [ 920.026804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 920.028537] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 920.029286] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 920.029967] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 920.030648] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 920.031309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 920.031972] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 920.048274] 9pnet: Insufficient options for proto=fd 14:01:36 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2010000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:36 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xedc000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:36 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98db, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 920.080647] FAULT_INJECTION: forcing a failure. [ 920.080647] name failslab, interval 1, probability 0, space 0, times 0 [ 920.081754] CPU: 1 PID: 7283 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 920.082404] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 920.083202] Call Trace: [ 920.083458] dump_stack+0x107/0x167 [ 920.083807] should_fail.cold+0x5/0xa [ 920.084186] should_failslab+0x5/0x20 14:01:36 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) [ 920.084562] __kmalloc_track_caller+0x79/0x370 [ 920.092940] ? p9_client_create+0x41d/0x11c0 [ 920.093354] kstrdup+0x36/0x70 [ 920.093656] p9_client_create+0x41d/0x11c0 [ 920.094059] ? lock_downgrade+0x6d0/0x6d0 [ 920.094460] ? p9_client_flush+0x430/0x430 [ 920.094867] ? trace_hardirqs_on+0x5b/0x180 [ 920.095766] ? lockdep_init_map_type+0x2c7/0x780 [ 920.100911] ? __raw_spin_lock_init+0x36/0x110 [ 920.101300] v9fs_session_init+0x1dd/0x1680 [ 920.101661] ? lock_release+0x680/0x680 [ 920.101999] ? kmem_cache_alloc_trace+0x151/0x320 [ 920.102428] ? v9fs_show_options+0x690/0x690 [ 920.102851] ? trace_hardirqs_on+0x5b/0x180 [ 920.103266] ? kasan_unpoison_shadow+0x33/0x50 [ 920.103691] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 920.104176] v9fs_mount+0x79/0x8f0 [ 920.104832] ? v9fs_write_inode+0x60/0x60 [ 920.105233] legacy_get_tree+0x105/0x220 [ 920.105613] vfs_get_tree+0x8e/0x300 [ 920.105961] path_mount+0x1429/0x2120 [ 920.106319] ? strncpy_from_user+0x9e/0x470 [ 920.106720] ? finish_automount+0xa90/0xa90 [ 920.107134] ? getname_flags.part.0+0x1dd/0x4f0 [ 920.107573] ? _copy_from_user+0xfb/0x1b0 [ 920.107977] __x64_sys_mount+0x282/0x300 [ 920.108361] ? copy_mnt_ns+0xa00/0xa00 [ 920.108734] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 920.109243] ? syscall_enter_from_user_mode+0x1d/0x50 [ 920.109736] do_syscall_64+0x33/0x40 [ 920.110090] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 920.110573] RIP: 0033:0x7ff91eae3b19 [ 920.110928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 920.112658] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 920.116936] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 920.117586] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 920.118252] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 920.125044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 920.125672] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:01:36 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:50 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8cffffff00000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:50 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 18) 14:01:50 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 14:01:50 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 12) [ 933.813690] FAULT_INJECTION: forcing a failure. [ 933.813690] name failslab, interval 1, probability 0, space 0, times 0 [ 933.816305] CPU: 1 PID: 7323 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 933.817870] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 933.819776] Call Trace: [ 933.820374] dump_stack+0x107/0x167 [ 933.821212] should_fail.cold+0x5/0xa [ 933.822082] ? create_object.isra.0+0x3a/0xa20 [ 933.823129] should_failslab+0x5/0x20 [ 933.823997] kmem_cache_alloc+0x5b/0x310 [ 933.824924] ? lock_downgrade+0x6d0/0x6d0 [ 933.825882] create_object.isra.0+0x3a/0xa20 [ 933.826885] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 933.827710] FAULT_INJECTION: forcing a failure. [ 933.827710] name failslab, interval 1, probability 0, space 0, times 0 [ 933.828045] __kmalloc_track_caller+0x177/0x370 [ 933.831253] ? p9_client_create+0x41d/0x11c0 [ 933.832260] kstrdup+0x36/0x70 [ 933.832999] p9_client_create+0x41d/0x11c0 [ 933.833967] ? lock_downgrade+0x6d0/0x6d0 [ 933.834888] ? p9_client_flush+0x430/0x430 [ 933.835610] ? trace_hardirqs_on+0x5b/0x180 [ 933.836344] ? lockdep_init_map_type+0x2c7/0x780 [ 933.837341] ? __raw_spin_lock_init+0x36/0x110 [ 933.838386] v9fs_session_init+0x1dd/0x1680 [ 933.839375] ? lock_release+0x680/0x680 [ 933.840286] ? kmem_cache_alloc_trace+0x151/0x320 [ 933.841393] ? v9fs_show_options+0x690/0x690 [ 933.842392] ? trace_hardirqs_on+0x5b/0x180 [ 933.843368] ? kasan_unpoison_shadow+0x33/0x50 [ 933.844402] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 933.845590] v9fs_mount+0x79/0x8f0 [ 933.846393] ? v9fs_write_inode+0x60/0x60 [ 933.847335] legacy_get_tree+0x105/0x220 [ 933.848259] vfs_get_tree+0x8e/0x300 [ 933.849113] path_mount+0x1429/0x2120 [ 933.849980] ? strncpy_from_user+0x9e/0x470 [ 933.850967] ? finish_automount+0xa90/0xa90 [ 933.851954] ? getname_flags.part.0+0x1dd/0x4f0 [ 933.853021] ? _copy_from_user+0xfb/0x1b0 [ 933.853974] __x64_sys_mount+0x282/0x300 [ 933.854892] ? copy_mnt_ns+0xa00/0xa00 [ 933.855777] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 933.856983] ? syscall_enter_from_user_mode+0x1d/0x50 [ 933.858168] do_syscall_64+0x33/0x40 [ 933.859014] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 933.860180] RIP: 0033:0x7ff91eae3b19 [ 933.861037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 933.865252] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 933.866982] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 933.868601] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 933.870245] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 933.871869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 933.873496] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 933.875138] CPU: 0 PID: 7327 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 933.875971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 933.876925] Call Trace: [ 933.877217] dump_stack+0x107/0x167 [ 933.877592] should_fail.cold+0x5/0xa [ 933.878128] should_failslab+0x5/0x20 [ 933.878516] __kmalloc_track_caller+0x79/0x370 [ 933.879085] ? v9fs_session_init+0xe9/0x1680 [ 933.879536] ? kernel_text_address+0xf2/0x120 [ 933.880098] kstrdup+0x36/0x70 [ 933.880436] v9fs_session_init+0xe9/0x1680 [ 933.881174] ? lock_release+0x680/0x680 [ 933.881577] ? find_held_lock+0x2c/0x110 [ 933.882105] ? kmem_cache_alloc_trace+0x151/0x320 [ 933.882591] ? v9fs_show_options+0x690/0x690 [ 933.883174] ? trace_hardirqs_on+0x5b/0x180 [ 933.883623] ? kasan_unpoison_shadow+0x33/0x50 [ 933.885000] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 933.885535] v9fs_mount+0x79/0x8f0 14:01:50 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:50 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 23) 14:01:50 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 14:01:50 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98dc, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 933.886481] ? v9fs_write_inode+0x60/0x60 [ 933.887944] legacy_get_tree+0x105/0x220 [ 933.888381] vfs_get_tree+0x8e/0x300 [ 933.888920] path_mount+0x1429/0x2120 [ 933.889346] ? strncpy_from_user+0x9e/0x470 [ 933.889909] ? finish_automount+0xa90/0xa90 [ 933.890372] ? getname_flags.part.0+0x1dd/0x4f0 [ 933.891001] ? _copy_from_user+0xfb/0x1b0 [ 933.891457] __x64_sys_mount+0x282/0x300 [ 933.891994] ? copy_mnt_ns+0xa00/0xa00 [ 933.892416] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 933.893097] ? syscall_enter_from_user_mode+0x1d/0x50 [ 933.893613] do_syscall_64+0x33/0x40 [ 933.894088] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 933.894594] RIP: 0033:0x7ff4194adb19 [ 933.895056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 933.897108] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 933.898003] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 933.899197] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 933.900442] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 933.901336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 933.902195] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 933.915203] 9pnet: Insufficient options for proto=fd 14:01:50 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x100000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:50 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98dd, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:50 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf6ffffff00000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:50 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:50 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 14:01:50 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98de, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 934.043373] 9pnet: Insufficient options for proto=fd 14:01:50 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 14:01:50 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 14:01:50 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xffff000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:01:50 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x200000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 934.154264] cgroup: fork rejected by pids controller in /syz3 [ 934.162869] 9pnet: Insufficient options for proto=fd 14:02:04 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98df, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:04 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:04 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:04 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 19) 14:02:04 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 24) 14:02:04 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x700000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:04 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x20100000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:04 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 948.122195] FAULT_INJECTION: forcing a failure. [ 948.122195] name failslab, interval 1, probability 0, space 0, times 0 [ 948.123248] CPU: 1 PID: 7503 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 948.123865] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 948.124571] Call Trace: [ 948.124873] dump_stack+0x107/0x167 [ 948.125194] should_fail.cold+0x5/0xa [ 948.125524] ? create_object.isra.0+0x3a/0xa20 [ 948.125961] should_failslab+0x5/0x20 [ 948.126283] kmem_cache_alloc+0x5b/0x310 [ 948.126631] create_object.isra.0+0x3a/0xa20 [ 948.127046] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 948.127476] __kmalloc_track_caller+0x177/0x370 [ 948.127915] ? v9fs_session_init+0xe9/0x1680 [ 948.128285] ? kernel_text_address+0xf2/0x120 [ 948.128748] kstrdup+0x36/0x70 [ 948.129022] v9fs_session_init+0xe9/0x1680 [ 948.129401] ? lock_release+0x680/0x680 [ 948.129783] ? find_held_lock+0x2c/0x110 [ 948.130131] ? kmem_cache_alloc_trace+0x151/0x320 [ 948.130536] ? v9fs_show_options+0x690/0x690 [ 948.130960] ? trace_hardirqs_on+0x5b/0x180 [ 948.131325] ? kasan_unpoison_shadow+0x33/0x50 [ 948.131758] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 948.132189] v9fs_mount+0x79/0x8f0 [ 948.132491] ? v9fs_write_inode+0x60/0x60 [ 948.132916] legacy_get_tree+0x105/0x220 [ 948.133281] vfs_get_tree+0x8e/0x300 [ 948.133596] path_mount+0x1429/0x2120 [ 948.133966] ? strncpy_from_user+0x9e/0x470 [ 948.134331] ? finish_automount+0xa90/0xa90 [ 948.134744] ? getname_flags.part.0+0x1dd/0x4f0 [ 948.135137] ? _copy_from_user+0xfb/0x1b0 [ 948.135493] __x64_sys_mount+0x282/0x300 [ 948.135881] ? copy_mnt_ns+0xa00/0xa00 [ 948.136212] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 948.136732] ? syscall_enter_from_user_mode+0x1d/0x50 [ 948.137181] do_syscall_64+0x33/0x40 [ 948.137506] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 948.137984] RIP: 0033:0x7ff4194adb19 [ 948.138298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 948.139913] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 948.140552] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 948.141234] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 948.141877] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 948.142476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 948.143114] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:02:04 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x800000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 948.164822] FAULT_INJECTION: forcing a failure. [ 948.164822] name failslab, interval 1, probability 0, space 0, times 0 [ 948.165854] CPU: 1 PID: 7523 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 948.166423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 948.167160] Call Trace: [ 948.167386] dump_stack+0x107/0x167 [ 948.167743] should_fail.cold+0x5/0xa [ 948.168069] should_failslab+0x5/0x20 [ 948.168391] __kmalloc_track_caller+0x79/0x370 [ 948.168853] ? p9_client_create+0x51e/0x11c0 [ 948.169247] kmemdup_nul+0x2d/0xa0 [ 948.169549] p9_client_create+0x51e/0x11c0 [ 948.169960] ? p9_client_flush+0x430/0x430 [ 948.170320] ? trace_hardirqs_on+0x5b/0x180 [ 948.170731] ? lockdep_init_map_type+0x2c7/0x780 [ 948.171137] ? __raw_spin_lock_init+0x36/0x110 [ 948.171534] v9fs_session_init+0x1dd/0x1680 [ 948.171948] ? lock_release+0x680/0x680 [ 948.172291] ? kmem_cache_alloc_trace+0x151/0x320 [ 948.172777] ? v9fs_show_options+0x690/0x690 [ 948.173163] ? trace_hardirqs_on+0x5b/0x180 [ 948.173539] ? kasan_unpoison_shadow+0x33/0x50 [ 948.173975] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 948.174408] v9fs_mount+0x79/0x8f0 [ 948.174762] ? v9fs_write_inode+0x60/0x60 [ 948.175116] legacy_get_tree+0x105/0x220 [ 948.175463] vfs_get_tree+0x8e/0x300 [ 948.175828] path_mount+0x1429/0x2120 [ 948.176153] ? strncpy_from_user+0x9e/0x470 [ 948.176522] ? finish_automount+0xa90/0xa90 [ 948.179936] ? getname_flags.part.0+0x1dd/0x4f0 [ 948.180329] ? _copy_from_user+0xfb/0x1b0 [ 948.181257] __x64_sys_mount+0x282/0x300 [ 948.181600] ? copy_mnt_ns+0xa00/0xa00 [ 948.182004] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 948.182444] ? syscall_enter_from_user_mode+0x1d/0x50 [ 948.182924] do_syscall_64+0x33/0x40 [ 948.183238] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 948.183716] RIP: 0033:0x7ff91eae3b19 [ 948.184031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 948.185615] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 948.186328] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 948.186972] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 948.187571] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 948.188209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 948.188856] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:02:04 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98e0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:04 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:04 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x7, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:04 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:04 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 25) [ 948.338350] FAULT_INJECTION: forcing a failure. [ 948.338350] name failslab, interval 1, probability 0, space 0, times 0 [ 948.339357] CPU: 1 PID: 7649 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 948.339933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 948.340627] Call Trace: [ 948.340858] dump_stack+0x107/0x167 [ 948.341176] should_fail.cold+0x5/0xa [ 948.341509] ? create_object.isra.0+0x3a/0xa20 [ 948.341901] should_failslab+0x5/0x20 [ 948.342223] kmem_cache_alloc+0x5b/0x310 [ 948.342571] create_object.isra.0+0x3a/0xa20 [ 948.342946] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 948.343379] __kmalloc_track_caller+0x177/0x370 [ 948.343776] ? p9_client_create+0x51e/0x11c0 [ 948.344158] kmemdup_nul+0x2d/0xa0 [ 948.344462] p9_client_create+0x51e/0x11c0 [ 948.344828] ? p9_client_flush+0x430/0x430 [ 948.345201] ? trace_hardirqs_on+0x5b/0x180 [ 948.345576] ? lockdep_init_map_type+0x2c7/0x780 [ 948.345982] ? __raw_spin_lock_init+0x36/0x110 [ 948.346376] v9fs_session_init+0x1dd/0x1680 [ 948.346745] ? lock_release+0x680/0x680 [ 948.347088] ? kmem_cache_alloc_trace+0x151/0x320 [ 948.347503] ? v9fs_show_options+0x690/0x690 [ 948.347881] ? trace_hardirqs_on+0x5b/0x180 [ 948.348251] ? kasan_unpoison_shadow+0x33/0x50 [ 948.348641] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 948.349075] v9fs_mount+0x79/0x8f0 [ 948.349398] ? v9fs_write_inode+0x60/0x60 [ 948.349754] legacy_get_tree+0x105/0x220 [ 948.350100] vfs_get_tree+0x8e/0x300 [ 948.350417] path_mount+0x1429/0x2120 [ 948.350747] ? strncpy_from_user+0x9e/0x470 [ 948.351114] ? finish_automount+0xa90/0xa90 [ 948.351482] ? getname_flags.part.0+0x1dd/0x4f0 [ 948.351878] ? _copy_from_user+0xfb/0x1b0 [ 948.352237] __x64_sys_mount+0x282/0x300 [ 948.352582] ? copy_mnt_ns+0xa00/0xa00 [ 948.352915] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 948.353374] ? syscall_enter_from_user_mode+0x1d/0x50 [ 948.353812] do_syscall_64+0x33/0x40 [ 948.354129] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 948.354564] RIP: 0033:0x7ff91eae3b19 [ 948.354880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 948.356418] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 948.357060] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 948.357678] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 948.358278] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 948.358882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 948.359641] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:02:18 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98e1, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:18 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 26) 14:02:18 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x8, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:18 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 20) 14:02:18 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x900000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:18 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:18 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:18 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x20100000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 962.124664] FAULT_INJECTION: forcing a failure. [ 962.124664] name failslab, interval 1, probability 0, space 0, times 0 [ 962.125802] CPU: 0 PID: 7664 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 962.126367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 962.127065] Call Trace: [ 962.127295] dump_stack+0x107/0x167 [ 962.127614] should_fail.cold+0x5/0xa [ 962.127944] should_failslab+0x5/0x20 [ 962.128268] __kmalloc_track_caller+0x79/0x370 [ 962.128666] ? p9_client_create+0x598/0x11c0 [ 962.129037] ? kfree+0xd7/0x340 [ 962.129348] kmemdup_nul+0x2d/0xa0 [ 962.129703] p9_client_create+0x598/0x11c0 [ 962.130101] ? p9_client_flush+0x430/0x430 [ 962.130494] ? trace_hardirqs_on+0x5b/0x180 [ 962.130914] ? lockdep_init_map_type+0x2c7/0x780 [ 962.131358] ? __raw_spin_lock_init+0x36/0x110 [ 962.131802] v9fs_session_init+0x1dd/0x1680 [ 962.132202] ? lock_release+0x680/0x680 [ 962.132576] ? kmem_cache_alloc_trace+0x151/0x320 [ 962.133031] ? v9fs_show_options+0x690/0x690 [ 962.133460] ? trace_hardirqs_on+0x5b/0x180 [ 962.133880] ? kasan_unpoison_shadow+0x33/0x50 [ 962.134306] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 962.134779] v9fs_mount+0x79/0x8f0 [ 962.135133] ? v9fs_write_inode+0x60/0x60 [ 962.135522] legacy_get_tree+0x105/0x220 [ 962.135900] vfs_get_tree+0x8e/0x300 [ 962.136246] path_mount+0x1429/0x2120 [ 962.136606] ? strncpy_from_user+0x9e/0x470 [ 962.137004] ? finish_automount+0xa90/0xa90 [ 962.137439] ? getname_flags.part.0+0x1dd/0x4f0 [ 962.137868] ? _copy_from_user+0xfb/0x1b0 [ 962.138271] __x64_sys_mount+0x282/0x300 [ 962.138646] ? copy_mnt_ns+0xa00/0xa00 [ 962.139013] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 962.139512] ? syscall_enter_from_user_mode+0x1d/0x50 [ 962.139989] do_syscall_64+0x33/0x40 [ 962.140355] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 962.140823] RIP: 0033:0x7ff91eae3b19 [ 962.141145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 962.142818] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 962.143533] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 962.144184] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 962.144846] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 962.145512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 962.146173] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:02:18 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:18 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98e2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:18 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x9, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 962.169015] FAULT_INJECTION: forcing a failure. [ 962.169015] name failslab, interval 1, probability 0, space 0, times 0 [ 962.170061] CPU: 0 PID: 7678 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 962.170670] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 962.171424] Call Trace: [ 962.171673] dump_stack+0x107/0x167 [ 962.172010] should_fail.cold+0x5/0xa [ 962.172380] ? p9_client_create+0xaf/0x11c0 [ 962.172953] should_failslab+0x5/0x20 [ 962.173350] kmem_cache_alloc_trace+0x55/0x320 [ 962.173767] ? find_held_lock+0x2c/0x110 [ 962.174140] p9_client_create+0xaf/0x11c0 [ 962.174543] ? lock_downgrade+0x6d0/0x6d0 [ 962.174924] ? p9_client_flush+0x430/0x430 [ 962.175325] ? trace_hardirqs_on+0x5b/0x180 [ 962.175734] ? lockdep_init_map_type+0x2c7/0x780 [ 962.176192] ? __raw_spin_lock_init+0x36/0x110 [ 962.176634] v9fs_session_init+0x1dd/0x1680 [ 962.177033] ? lock_release+0x680/0x680 [ 962.177454] ? kmem_cache_alloc_trace+0x151/0x320 [ 962.177899] ? v9fs_show_options+0x690/0x690 [ 962.178308] ? trace_hardirqs_on+0x5b/0x180 [ 962.178727] ? kasan_unpoison_shadow+0x33/0x50 [ 962.179158] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 962.179643] v9fs_mount+0x79/0x8f0 [ 962.179983] ? v9fs_write_inode+0x60/0x60 [ 962.180367] legacy_get_tree+0x105/0x220 [ 962.180763] vfs_get_tree+0x8e/0x300 [ 962.181109] path_mount+0x1429/0x2120 [ 962.181482] ? strncpy_from_user+0x9e/0x470 [ 962.181896] ? finish_automount+0xa90/0xa90 [ 962.182298] ? getname_flags.part.0+0x1dd/0x4f0 [ 962.182726] ? _copy_from_user+0xfb/0x1b0 [ 962.183133] __x64_sys_mount+0x282/0x300 [ 962.183521] ? copy_mnt_ns+0xa00/0xa00 [ 962.183902] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 962.184396] ? syscall_enter_from_user_mode+0x1d/0x50 [ 962.184862] do_syscall_64+0x33/0x40 [ 962.185217] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 962.185709] RIP: 0033:0x7ff4194adb19 [ 962.186070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 962.187735] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 962.188438] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 962.189084] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 962.189754] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 962.190412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 962.191058] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:02:18 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa00000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:18 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:18 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98e3, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:18 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:18 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 21) 14:02:18 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 27) [ 962.357728] FAULT_INJECTION: forcing a failure. [ 962.357728] name failslab, interval 1, probability 0, space 0, times 0 [ 962.358920] CPU: 0 PID: 7851 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 962.359552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 962.360314] Call Trace: [ 962.360568] dump_stack+0x107/0x167 [ 962.360872] should_fail.cold+0x5/0xa [ 962.361224] ? create_object.isra.0+0x3a/0xa20 [ 962.361659] should_failslab+0x5/0x20 [ 962.362011] kmem_cache_alloc+0x5b/0x310 [ 962.362403] create_object.isra.0+0x3a/0xa20 [ 962.362812] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 962.363303] __kmalloc_track_caller+0x177/0x370 [ 962.363730] ? p9_client_create+0x598/0x11c0 [ 962.364147] kmemdup_nul+0x2d/0xa0 [ 962.364497] p9_client_create+0x598/0x11c0 [ 962.364893] ? p9_client_flush+0x430/0x430 [ 962.365280] ? trace_hardirqs_on+0x5b/0x180 [ 962.365710] ? lockdep_init_map_type+0x2c7/0x780 [ 962.366149] ? __raw_spin_lock_init+0x36/0x110 [ 962.366594] v9fs_session_init+0x1dd/0x1680 [ 962.366991] ? lock_release+0x680/0x680 [ 962.367368] ? kmem_cache_alloc_trace+0x151/0x320 [ 962.367824] ? v9fs_show_options+0x690/0x690 [ 962.368210] FAULT_INJECTION: forcing a failure. [ 962.368210] name failslab, interval 1, probability 0, space 0, times 0 [ 962.369171] ? trace_hardirqs_on+0x5b/0x180 [ 962.369567] ? kasan_unpoison_shadow+0x33/0x50 [ 962.369998] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 962.370461] v9fs_mount+0x79/0x8f0 [ 962.370789] ? v9fs_write_inode+0x60/0x60 [ 962.371143] legacy_get_tree+0x105/0x220 [ 962.371493] vfs_get_tree+0x8e/0x300 [ 962.371829] path_mount+0x1429/0x2120 [ 962.372158] ? strncpy_from_user+0x9e/0x470 [ 962.372526] ? finish_automount+0xa90/0xa90 [ 962.372903] ? getname_flags.part.0+0x1dd/0x4f0 [ 962.373302] ? _copy_from_user+0xfb/0x1b0 [ 962.373668] __x64_sys_mount+0x282/0x300 [ 962.374022] ? copy_mnt_ns+0xa00/0xa00 [ 962.374354] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 962.374799] ? syscall_enter_from_user_mode+0x1d/0x50 [ 962.375245] do_syscall_64+0x33/0x40 [ 962.375564] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 962.376008] RIP: 0033:0x7ff91eae3b19 [ 962.376323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 962.377876] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 962.378528] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 962.379122] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 962.379733] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 962.380340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 962.380936] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 962.381575] CPU: 1 PID: 7865 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 962.382181] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 962.382875] Call Trace: [ 962.383102] dump_stack+0x107/0x167 [ 962.383414] should_fail.cold+0x5/0xa [ 962.383761] ? create_object.isra.0+0x3a/0xa20 [ 962.384180] should_failslab+0x5/0x20 [ 962.384527] kmem_cache_alloc+0x5b/0x310 [ 962.384898] ? kernel_text_address+0xf2/0x120 [ 962.385316] create_object.isra.0+0x3a/0xa20 [ 962.385727] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 962.386184] kmem_cache_alloc_trace+0x151/0x320 [ 962.386583] ? find_held_lock+0x2c/0x110 [ 962.386934] p9_client_create+0xaf/0x11c0 [ 962.387302] ? lock_downgrade+0x6d0/0x6d0 [ 962.387671] ? p9_client_flush+0x430/0x430 [ 962.388065] ? trace_hardirqs_on+0x5b/0x180 [ 962.388463] ? lockdep_init_map_type+0x2c7/0x780 [ 962.388904] ? __raw_spin_lock_init+0x36/0x110 [ 962.389334] v9fs_session_init+0x1dd/0x1680 [ 962.389744] ? lock_release+0x680/0x680 [ 962.390117] ? kmem_cache_alloc_trace+0x151/0x320 [ 962.390557] ? v9fs_show_options+0x690/0x690 [ 962.390960] ? trace_hardirqs_on+0x5b/0x180 [ 962.391347] ? kasan_unpoison_shadow+0x33/0x50 [ 962.391760] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 962.392224] v9fs_mount+0x79/0x8f0 [ 962.392564] ? v9fs_write_inode+0x60/0x60 [ 962.392963] legacy_get_tree+0x105/0x220 [ 962.393363] vfs_get_tree+0x8e/0x300 [ 962.393728] path_mount+0x1429/0x2120 [ 962.394104] ? strncpy_from_user+0x9e/0x470 [ 962.394507] ? finish_automount+0xa90/0xa90 [ 962.394910] ? getname_flags.part.0+0x1dd/0x4f0 [ 962.395374] ? _copy_from_user+0xfb/0x1b0 [ 962.395762] __x64_sys_mount+0x282/0x300 [ 962.396150] ? copy_mnt_ns+0xa00/0xa00 [ 962.396509] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 962.396976] ? syscall_enter_from_user_mode+0x1d/0x50 [ 962.397464] do_syscall_64+0x33/0x40 [ 962.397809] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 962.398273] RIP: 0033:0x7ff4194adb19 [ 962.398610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 962.400219] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 962.400901] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 962.401559] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 962.402193] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 962.402829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 962.403465] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 977.026859] FAULT_INJECTION: forcing a failure. [ 977.026859] name failslab, interval 1, probability 0, space 0, times 0 [ 977.028090] CPU: 0 PID: 7932 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 977.028722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 977.029526] Call Trace: [ 977.029835] dump_stack+0x107/0x167 [ 977.030183] should_fail.cold+0x5/0xa [ 977.030542] should_failslab+0x5/0x20 [ 977.030965] __kmalloc_track_caller+0x79/0x370 [ 977.031393] ? parse_opts.part.0+0x8e/0x340 [ 977.031859] kstrdup+0x36/0x70 [ 977.032164] parse_opts.part.0+0x8e/0x340 [ 977.032554] ? p9_fd_show_options+0x1c0/0x1c0 [ 977.033066] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 977.033559] ? quarantine_put+0x8b/0x1a0 [ 977.033999] ? trace_hardirqs_on+0x5b/0x180 [ 977.034401] ? kfree+0xd7/0x340 [ 977.034731] p9_fd_create+0x98/0x4a0 [ 977.035134] ? p9_conn_create+0x510/0x510 [ 977.035497] ? p9_client_create+0x798/0x11c0 [ 977.035955] ? kfree+0xd7/0x340 [ 977.036268] p9_client_create+0x7ff/0x11c0 [ 977.036663] ? p9_client_flush+0x430/0x430 [ 977.037137] ? trace_hardirqs_on+0x5b/0x180 [ 977.037543] ? lockdep_init_map_type+0x2c7/0x780 [ 977.038049] ? __raw_spin_lock_init+0x36/0x110 [ 977.038476] v9fs_session_init+0x1dd/0x1680 [ 977.038937] ? lock_release+0x680/0x680 [ 977.039307] ? kmem_cache_alloc_trace+0x151/0x320 [ 977.039760] ? v9fs_show_options+0x690/0x690 [ 977.040221] ? trace_hardirqs_on+0x5b/0x180 [ 977.040632] ? kasan_unpoison_shadow+0x33/0x50 [ 977.041137] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 977.041636] v9fs_mount+0x79/0x8f0 [ 977.042032] ? v9fs_write_inode+0x60/0x60 [ 977.042415] legacy_get_tree+0x105/0x220 [ 977.042868] vfs_get_tree+0x8e/0x300 [ 977.043212] path_mount+0x1429/0x2120 [ 977.043568] ? strncpy_from_user+0x9e/0x470 [ 977.044030] ? finish_automount+0xa90/0xa90 [ 977.044425] ? getname_flags.part.0+0x1dd/0x4f0 [ 977.044939] ? _copy_from_user+0xfb/0x1b0 [ 977.045326] __x64_sys_mount+0x282/0x300 [ 977.045725] ? copy_mnt_ns+0xa00/0xa00 [ 977.046134] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 977.046616] ? syscall_enter_from_user_mode+0x1d/0x50 [ 977.047157] do_syscall_64+0x33/0x40 [ 977.050017] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 977.050483] RIP: 0033:0x7ff91eae3b19 [ 977.050981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 977.052753] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 977.053725] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 977.054407] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 977.055081] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 977.055735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 977.056501] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:02:33 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb00000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:33 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 28) 14:02:33 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 22) 14:02:33 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0) 14:02:33 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xa, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:33 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98e4, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:33 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x5, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:33 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x20100000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 977.057315] 9pnet: Insufficient options for proto=fd 14:02:33 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0) [ 977.074094] FAULT_INJECTION: forcing a failure. [ 977.074094] name failslab, interval 1, probability 0, space 0, times 0 [ 977.075159] CPU: 1 PID: 7978 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 977.075771] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 977.076533] Call Trace: [ 977.076783] dump_stack+0x107/0x167 [ 977.077153] should_fail.cold+0x5/0xa 14:02:33 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1000000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 977.077513] should_failslab+0x5/0x20 [ 977.077880] __kmalloc_track_caller+0x79/0x370 [ 977.078385] ? p9_client_create+0x41d/0x11c0 [ 977.078797] kstrdup+0x36/0x70 [ 977.079130] p9_client_create+0x41d/0x11c0 [ 977.079521] ? lock_downgrade+0x6d0/0x6d0 [ 977.079918] ? p9_client_flush+0x430/0x430 [ 977.080322] ? trace_hardirqs_on+0x5b/0x180 [ 977.080720] ? lockdep_init_map_type+0x2c7/0x780 [ 977.081187] ? __raw_spin_lock_init+0x36/0x110 [ 977.081640] v9fs_session_init+0x1dd/0x1680 [ 977.082051] ? lock_release+0x680/0x680 [ 977.082440] ? kmem_cache_alloc_trace+0x151/0x320 [ 977.082894] ? v9fs_show_options+0x690/0x690 [ 977.083314] ? trace_hardirqs_on+0x5b/0x180 [ 977.083709] ? kasan_unpoison_shadow+0x33/0x50 [ 977.084141] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 977.084620] v9fs_mount+0x79/0x8f0 [ 977.084961] ? v9fs_write_inode+0x60/0x60 [ 977.085350] legacy_get_tree+0x105/0x220 [ 977.085774] vfs_get_tree+0x8e/0x300 [ 977.086127] path_mount+0x1429/0x2120 [ 977.086498] ? strncpy_from_user+0x9e/0x470 [ 977.086903] ? finish_automount+0xa90/0xa90 [ 977.087299] ? getname_flags.part.0+0x1dd/0x4f0 [ 977.087743] ? _copy_from_user+0xfb/0x1b0 [ 977.088141] __x64_sys_mount+0x282/0x300 [ 977.088517] ? copy_mnt_ns+0xa00/0xa00 [ 977.088907] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 977.089390] ? syscall_enter_from_user_mode+0x1d/0x50 [ 977.089912] do_syscall_64+0x33/0x40 [ 977.090256] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 977.090723] RIP: 0033:0x7ff4194adb19 [ 977.091095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 977.092750] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 977.093458] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 977.094150] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 977.094806] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 977.095476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 977.096149] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:02:33 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2000000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:33 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98e5, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:33 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 29) 14:02:33 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 23) 14:02:33 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 977.252069] FAULT_INJECTION: forcing a failure. [ 977.252069] name failslab, interval 1, probability 0, space 0, times 0 [ 977.255573] CPU: 0 PID: 8075 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 977.256273] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 977.257278] Call Trace: [ 977.257544] dump_stack+0x107/0x167 [ 977.257936] should_fail.cold+0x5/0xa [ 977.258284] ? create_object.isra.0+0x3a/0xa20 [ 977.258702] should_failslab+0x5/0x20 [ 977.259107] kmem_cache_alloc+0x5b/0x310 [ 977.259481] ? lock_downgrade+0x6d0/0x6d0 [ 977.259942] create_object.isra.0+0x3a/0xa20 [ 977.260344] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 977.260856] __kmalloc_track_caller+0x177/0x370 [ 977.261289] ? p9_client_create+0x41d/0x11c0 [ 977.261714] kstrdup+0x36/0x70 [ 977.262065] p9_client_create+0x41d/0x11c0 [ 977.262461] ? lock_downgrade+0x6d0/0x6d0 [ 977.262901] ? p9_client_flush+0x430/0x430 [ 977.263291] ? trace_hardirqs_on+0x5b/0x180 [ 977.263696] ? lockdep_init_map_type+0x2c7/0x780 [ 977.264215] ? __raw_spin_lock_init+0x36/0x110 [ 977.264645] v9fs_session_init+0x1dd/0x1680 [ 977.265089] ? lock_release+0x680/0x680 [ 977.265473] ? kmem_cache_alloc_trace+0x151/0x320 [ 977.265979] ? v9fs_show_options+0x690/0x690 [ 977.266397] ? trace_hardirqs_on+0x5b/0x180 [ 977.266853] ? kasan_unpoison_shadow+0x33/0x50 [ 977.267281] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 977.267765] v9fs_mount+0x79/0x8f0 [ 977.268176] ? v9fs_write_inode+0x60/0x60 [ 977.268558] legacy_get_tree+0x105/0x220 [ 977.268990] vfs_get_tree+0x8e/0x300 [ 977.269339] path_mount+0x1429/0x2120 [ 977.269744] ? strncpy_from_user+0x9e/0x470 [ 977.270205] ? finish_automount+0xa90/0xa90 [ 977.270627] ? getname_flags.part.0+0x1dd/0x4f0 [ 977.271127] ? _copy_from_user+0xfb/0x1b0 [ 977.271540] __x64_sys_mount+0x282/0x300 [ 977.272013] ? copy_mnt_ns+0xa00/0xa00 [ 977.272401] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 977.272961] ? syscall_enter_from_user_mode+0x1d/0x50 [ 977.273472] do_syscall_64+0x33/0x40 [ 977.273902] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 977.274386] RIP: 0033:0x7ff4194adb19 [ 977.274749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 977.276723] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 977.277505] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 977.278245] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 977.279003] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 977.279675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 977.280404] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 977.298138] FAULT_INJECTION: forcing a failure. [ 977.298138] name failslab, interval 1, probability 0, space 0, times 0 [ 977.299250] CPU: 0 PID: 8146 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 977.299915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 977.300664] Call Trace: [ 977.300962] dump_stack+0x107/0x167 [ 977.301303] should_fail.cold+0x5/0xa [ 977.301674] ? create_object.isra.0+0x3a/0xa20 [ 977.302144] should_failslab+0x5/0x20 [ 977.302495] kmem_cache_alloc+0x5b/0x310 [ 977.302948] ? legacy_get_tree+0x105/0x220 [ 977.303347] ? vfs_get_tree+0x8e/0x300 [ 977.303710] create_object.isra.0+0x3a/0xa20 [ 977.304172] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 977.304640] __kmalloc_track_caller+0x177/0x370 [ 977.305115] ? parse_opts.part.0+0x8e/0x340 [ 977.305525] kstrdup+0x36/0x70 [ 977.305884] parse_opts.part.0+0x8e/0x340 [ 977.306267] ? p9_fd_show_options+0x1c0/0x1c0 [ 977.306681] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 977.307275] ? quarantine_put+0x8b/0x1a0 [ 977.307671] ? trace_hardirqs_on+0x5b/0x180 [ 977.308130] ? kfree+0xd7/0x340 [ 977.308755] p9_fd_create+0x98/0x4a0 [ 977.309149] ? p9_conn_create+0x510/0x510 [ 977.309537] ? p9_client_create+0x798/0x11c0 [ 977.309995] ? kfree+0xd7/0x340 [ 977.310311] p9_client_create+0x7ff/0x11c0 [ 977.310708] ? p9_client_flush+0x430/0x430 [ 977.311182] ? trace_hardirqs_on+0x5b/0x180 [ 977.311579] ? lockdep_init_map_type+0x2c7/0x780 [ 977.312067] ? __raw_spin_lock_init+0x36/0x110 [ 977.312492] v9fs_session_init+0x1dd/0x1680 [ 977.312946] ? lock_release+0x680/0x680 [ 977.313316] ? kmem_cache_alloc_trace+0x151/0x320 [ 977.313772] ? v9fs_show_options+0x690/0x690 [ 977.314235] ? trace_hardirqs_on+0x5b/0x180 [ 977.314635] ? kasan_unpoison_shadow+0x33/0x50 [ 977.315140] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 977.315608] v9fs_mount+0x79/0x8f0 [ 977.315995] ? v9fs_write_inode+0x60/0x60 [ 977.316376] legacy_get_tree+0x105/0x220 [ 977.316741] vfs_get_tree+0x8e/0x300 [ 977.317132] path_mount+0x1429/0x2120 [ 977.317500] ? strncpy_from_user+0x9e/0x470 [ 977.317949] ? finish_automount+0xa90/0xa90 [ 977.318346] ? getname_flags.part.0+0x1dd/0x4f0 [ 977.318772] ? _copy_from_user+0xfb/0x1b0 [ 977.319239] __x64_sys_mount+0x282/0x300 [ 977.319610] ? copy_mnt_ns+0xa00/0xa00 [ 977.320019] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 977.320516] ? syscall_enter_from_user_mode+0x1d/0x50 [ 977.321039] do_syscall_64+0x33/0x40 [ 977.321381] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 977.321915] RIP: 0033:0x7ff91eae3b19 [ 977.322250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 977.324015] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 977.324701] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 977.325399] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 977.326103] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 977.326749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 977.327460] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:02:47 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2010000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:47 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 30) [ 991.131090] FAULT_INJECTION: forcing a failure. [ 991.131090] name failslab, interval 1, probability 0, space 0, times 0 [ 991.132078] CPU: 0 PID: 8198 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 991.132648] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 991.133345] Call Trace: [ 991.133578] dump_stack+0x107/0x167 [ 991.133908] should_fail.cold+0x5/0xa [ 991.134240] should_failslab+0x5/0x20 [ 991.134568] __kmalloc_track_caller+0x79/0x370 [ 991.134960] ? match_number+0xaf/0x1d0 [ 991.135297] kmemdup_nul+0x2d/0xa0 [ 991.135603] match_number+0xaf/0x1d0 [ 991.135922] ? match_u64+0x190/0x190 [ 991.136239] ? __kmalloc_track_caller+0x2c6/0x370 [ 991.136653] ? memcpy+0x39/0x60 [ 991.136939] parse_opts.part.0+0x1f3/0x340 [ 991.137302] ? p9_fd_show_options+0x1c0/0x1c0 [ 991.141062] FAULT_INJECTION: forcing a failure. [ 991.141062] name failslab, interval 1, probability 0, space 0, times 0 [ 991.153721] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 991.153735] ? trace_hardirqs_on+0x5b/0x180 [ 991.153749] ? kfree+0xd7/0x340 [ 991.153769] p9_fd_create+0x98/0x4a0 [ 991.153782] ? p9_conn_create+0x510/0x510 [ 991.153794] ? p9_client_create+0x798/0x11c0 [ 991.153806] ? kfree+0xd7/0x340 [ 991.153826] p9_client_create+0x7ff/0x11c0 [ 991.153845] ? p9_client_flush+0x430/0x430 [ 991.153859] ? trace_hardirqs_on+0x5b/0x180 [ 991.153874] ? lockdep_init_map_type+0x2c7/0x780 [ 991.153893] ? __raw_spin_lock_init+0x36/0x110 [ 991.153912] v9fs_session_init+0x1dd/0x1680 [ 991.153925] ? lock_release+0x680/0x680 [ 991.153946] ? kmem_cache_alloc_trace+0x151/0x320 [ 991.153959] ? v9fs_show_options+0x690/0x690 [ 991.153979] ? trace_hardirqs_on+0x5b/0x180 [ 991.153996] ? kasan_unpoison_shadow+0x33/0x50 [ 991.154011] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 991.154031] v9fs_mount+0x79/0x8f0 [ 991.154047] ? v9fs_write_inode+0x60/0x60 [ 991.154063] legacy_get_tree+0x105/0x220 [ 991.154078] vfs_get_tree+0x8e/0x300 [ 991.154091] path_mount+0x1429/0x2120 [ 991.154111] ? strncpy_from_user+0x9e/0x470 [ 991.154124] ? finish_automount+0xa90/0xa90 [ 991.154138] ? getname_flags.part.0+0x1dd/0x4f0 [ 991.154152] ? _copy_from_user+0xfb/0x1b0 [ 991.154170] __x64_sys_mount+0x282/0x300 [ 991.154182] ? copy_mnt_ns+0xa00/0xa00 [ 991.154199] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 991.154214] ? syscall_enter_from_user_mode+0x1d/0x50 [ 991.154229] do_syscall_64+0x33/0x40 [ 991.154243] entry_SYSCALL_64_after_hwframe+0x67/0xd1 14:02:47 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 24) 14:02:47 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8cffffff00000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:47 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0) 14:02:47 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98e6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:47 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 1) 14:02:47 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:47 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) [ 991.154252] RIP: 0033:0x7ff91eae3b19 [ 991.154266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xb, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 991.154273] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 991.154289] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 991.154297] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 991.154305] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 991.154313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 991.154322] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 991.189504] CPU: 1 PID: 8203 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 991.190122] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 991.190845] Call Trace: [ 991.191089] dump_stack+0x107/0x167 [ 991.191455] should_fail.cold+0x5/0xa [ 991.191857] should_failslab+0x5/0x20 [ 991.192261] __kmalloc_track_caller+0x79/0x370 [ 991.192736] ? p9_client_create+0x51e/0x11c0 [ 991.193184] kmemdup_nul+0x2d/0xa0 [ 991.193513] p9_client_create+0x51e/0x11c0 [ 991.193921] ? p9_client_flush+0x430/0x430 [ 991.194308] ? trace_hardirqs_on+0x5b/0x180 [ 991.194701] ? lockdep_init_map_type+0x2c7/0x780 [ 991.195132] ? __raw_spin_lock_init+0x36/0x110 [ 991.195557] v9fs_session_init+0x1dd/0x1680 [ 991.196003] ? lock_release+0x680/0x680 [ 991.196417] ? kmem_cache_alloc_trace+0x151/0x320 [ 991.196874] ? v9fs_show_options+0x690/0x690 [ 991.197278] ? trace_hardirqs_on+0x5b/0x180 [ 991.197681] ? kasan_unpoison_shadow+0x33/0x50 [ 991.198122] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 991.198586] v9fs_mount+0x79/0x8f0 [ 991.198906] ? v9fs_write_inode+0x60/0x60 [ 991.199268] legacy_get_tree+0x105/0x220 [ 991.199624] vfs_get_tree+0x8e/0x300 [ 991.199968] path_mount+0x1429/0x2120 [ 991.200314] ? strncpy_from_user+0x9e/0x470 [ 991.200700] ? finish_automount+0xa90/0xa90 [ 991.201100] ? getname_flags.part.0+0x1dd/0x4f0 [ 991.201524] ? _copy_from_user+0xfb/0x1b0 [ 991.201933] __x64_sys_mount+0x282/0x300 [ 991.202302] ? copy_mnt_ns+0xa00/0xa00 [ 991.202659] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 991.203140] ? syscall_enter_from_user_mode+0x1d/0x50 [ 991.203609] do_syscall_64+0x33/0x40 [ 991.203951] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 991.204414] RIP: 0033:0x7ff4194adb19 [ 991.204749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 991.206397] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 991.207077] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 991.207700] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 991.208340] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 991.208986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 991.209631] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 991.233151] 9pnet: Insufficient options for proto=fd 14:02:47 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) 14:02:47 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98e7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:47 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf6ffffff00000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:47 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x10, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:47 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 31) [ 991.328193] 9pnet: Insufficient options for proto=fd 14:02:47 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:47 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98e8, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 991.376607] cgroup: fork rejected by pids controller in /syz1 14:02:47 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) [ 991.391649] FAULT_INJECTION: forcing a failure. [ 991.391649] name failslab, interval 1, probability 0, space 0, times 0 [ 991.392803] CPU: 0 PID: 8448 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 991.393410] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 991.394159] Call Trace: [ 991.394413] dump_stack+0x107/0x167 [ 991.394761] should_fail.cold+0x5/0xa [ 991.395115] ? create_object.isra.0+0x3a/0xa20 [ 991.395535] should_failslab+0x5/0x20 [ 991.395895] kmem_cache_alloc+0x5b/0x310 [ 991.396273] create_object.isra.0+0x3a/0xa20 [ 991.396680] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 991.397145] __kmalloc_track_caller+0x177/0x370 [ 991.397566] ? match_number+0xaf/0x1d0 [ 991.397950] kmemdup_nul+0x2d/0xa0 [ 991.398282] match_number+0xaf/0x1d0 [ 991.398631] ? match_u64+0x190/0x190 [ 991.398979] ? __kmalloc_track_caller+0x2c6/0x370 [ 991.399426] ? memcpy+0x39/0x60 [ 991.399743] parse_opts.part.0+0x1f3/0x340 [ 991.400139] ? p9_fd_show_options+0x1c0/0x1c0 [ 991.400569] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 991.401046] ? trace_hardirqs_on+0x5b/0x180 [ 991.401453] ? kfree+0xd7/0x340 [ 991.401782] p9_fd_create+0x98/0x4a0 [ 991.402128] ? p9_conn_create+0x510/0x510 [ 991.402516] ? p9_client_create+0x798/0x11c0 [ 991.402916] ? kfree+0xd7/0x340 [ 991.403234] p9_client_create+0x7ff/0x11c0 [ 991.403634] ? p9_client_flush+0x430/0x430 [ 991.404023] ? trace_hardirqs_on+0x5b/0x180 [ 991.404422] ? lockdep_init_map_type+0x2c7/0x780 [ 991.404865] ? __raw_spin_lock_init+0x36/0x110 [ 991.405288] v9fs_session_init+0x1dd/0x1680 [ 991.405699] ? lock_release+0x680/0x680 [ 991.406071] ? kmem_cache_alloc_trace+0x151/0x320 [ 991.406508] ? v9fs_show_options+0x690/0x690 [ 991.406919] ? trace_hardirqs_on+0x5b/0x180 [ 991.407318] ? kasan_unpoison_shadow+0x33/0x50 [ 991.407743] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 991.408207] v9fs_mount+0x79/0x8f0 [ 991.408539] ? v9fs_write_inode+0x60/0x60 [ 991.408917] legacy_get_tree+0x105/0x220 [ 991.409276] vfs_get_tree+0x8e/0x300 [ 991.409602] path_mount+0x1429/0x2120 [ 991.409965] ? strncpy_from_user+0x9e/0x470 [ 991.410358] ? finish_automount+0xa90/0xa90 [ 991.410756] ? getname_flags.part.0+0x1dd/0x4f0 [ 991.411194] ? _copy_from_user+0xfb/0x1b0 [ 991.411585] __x64_sys_mount+0x282/0x300 [ 991.411971] ? copy_mnt_ns+0xa00/0xa00 [ 991.412335] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 991.412796] ? syscall_enter_from_user_mode+0x1d/0x50 [ 991.413226] do_syscall_64+0x33/0x40 [ 991.413553] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 991.414001] RIP: 0033:0x7ff91eae3b19 [ 991.414318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 991.415840] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 991.416478] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 991.417073] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 991.417691] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 991.418282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 991.418880] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:02:47 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 991.456167] 9pnet: Insufficient options for proto=fd 14:02:47 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 25) 14:02:47 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98e9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:47 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xffff000000000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:02:47 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) 14:02:47 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 991.554131] 9pnet: Insufficient options for proto=fd [ 991.578109] FAULT_INJECTION: forcing a failure. [ 991.578109] name failslab, interval 1, probability 0, space 0, times 0 [ 991.579187] CPU: 1 PID: 8581 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 991.579806] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 991.580547] Call Trace: [ 991.580798] dump_stack+0x107/0x167 [ 991.581135] should_fail.cold+0x5/0xa [ 991.581486] ? create_object.isra.0+0x3a/0xa20 [ 991.581921] should_failslab+0x5/0x20 [ 991.582274] kmem_cache_alloc+0x5b/0x310 [ 991.582656] create_object.isra.0+0x3a/0xa20 [ 991.583061] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 991.583530] __kmalloc_track_caller+0x177/0x370 [ 991.583959] ? p9_client_create+0x51e/0x11c0 [ 991.584369] kmemdup_nul+0x2d/0xa0 [ 991.584701] p9_client_create+0x51e/0x11c0 [ 991.585100] ? p9_client_flush+0x430/0x430 [ 991.585500] ? trace_hardirqs_on+0x5b/0x180 [ 991.585919] ? lockdep_init_map_type+0x2c7/0x780 [ 991.586358] ? __raw_spin_lock_init+0x36/0x110 [ 991.586783] v9fs_session_init+0x1dd/0x1680 [ 991.587179] ? lock_release+0x680/0x680 [ 991.587547] ? kmem_cache_alloc_trace+0x151/0x320 [ 991.587988] ? v9fs_show_options+0x690/0x690 [ 991.588398] ? trace_hardirqs_on+0x5b/0x180 [ 991.588796] ? kasan_unpoison_shadow+0x33/0x50 [ 991.589215] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 991.589676] v9fs_mount+0x79/0x8f0 [ 991.589972] ? v9fs_write_inode+0x60/0x60 [ 991.590308] legacy_get_tree+0x105/0x220 [ 991.590641] vfs_get_tree+0x8e/0x300 [ 991.590949] path_mount+0x1429/0x2120 [ 991.591262] ? strncpy_from_user+0x9e/0x470 [ 991.591607] ? finish_automount+0xa90/0xa90 [ 991.591968] ? getname_flags.part.0+0x1dd/0x4f0 [ 991.592345] ? _copy_from_user+0xfb/0x1b0 [ 991.592697] __x64_sys_mount+0x282/0x300 [ 991.593066] ? copy_mnt_ns+0xa00/0xa00 [ 991.593426] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 991.593922] ? syscall_enter_from_user_mode+0x1d/0x50 [ 991.594394] do_syscall_64+0x33/0x40 [ 991.594742] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 991.595207] RIP: 0033:0x7ff4194adb19 [ 991.595549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 991.597177] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 991.597883] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 991.598531] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 991.599174] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 991.599818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 991.600466] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:03:02 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x700, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:02 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 26) [ 1006.564025] FAULT_INJECTION: forcing a failure. [ 1006.564025] name failslab, interval 1, probability 0, space 0, times 0 [ 1006.564939] CPU: 0 PID: 8698 Comm: syz-executor.2 Not tainted 5.10.223 #1 14:03:02 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:02 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 14:03:02 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98ea, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:02 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:02 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:02 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 32) [ 1006.565450] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1006.567136] Call Trace: [ 1006.568336] dump_stack+0x107/0x167 [ 1006.569158] should_fail.cold+0x5/0xa [ 1006.569659] should_failslab+0x5/0x20 [ 1006.570214] __kmalloc_track_caller+0x79/0x370 [ 1006.570597] ? match_number+0xaf/0x1d0 [ 1006.570919] ? kfree+0xd7/0x340 [ 1006.571198] kmemdup_nul+0x2d/0xa0 [ 1006.571492] match_number+0xaf/0x1d0 [ 1006.571803] ? match_u64+0x190/0x190 [ 1006.572113] ? __kmalloc_track_caller+0x2c6/0x370 [ 1006.572512] ? memcpy+0x39/0x60 [ 1006.572792] parse_opts.part.0+0x1f3/0x340 [ 1006.573142] ? p9_fd_show_options+0x1c0/0x1c0 [ 1006.573517] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1006.573971] ? trace_hardirqs_on+0x5b/0x180 [ 1006.574329] ? kfree+0xd7/0x340 [ 1006.574609] p9_fd_create+0x98/0x4a0 [ 1006.574920] ? p9_conn_create+0x510/0x510 [ 1006.575262] ? p9_client_create+0x798/0x11c0 [ 1006.575625] ? kfree+0xd7/0x340 [ 1006.575907] p9_client_create+0x7ff/0x11c0 [ 1006.576263] ? p9_client_flush+0x430/0x430 [ 1006.576616] ? trace_hardirqs_on+0x5b/0x180 [ 1006.576974] ? lockdep_init_map_type+0x2c7/0x780 [ 1006.577371] ? __raw_spin_lock_init+0x36/0x110 [ 1006.577754] v9fs_session_init+0x1dd/0x1680 [ 1006.578130] ? lock_release+0x680/0x680 [ 1006.578466] ? kmem_cache_alloc_trace+0x151/0x320 [ 1006.578864] ? v9fs_show_options+0x690/0x690 [ 1006.579233] ? trace_hardirqs_on+0x5b/0x180 [ 1006.579592] ? kasan_unpoison_shadow+0x33/0x50 [ 1006.579971] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1006.580395] v9fs_mount+0x79/0x8f0 [ 1006.580693] ? v9fs_write_inode+0x60/0x60 [ 1006.581038] legacy_get_tree+0x105/0x220 [ 1006.581377] vfs_get_tree+0x8e/0x300 [ 1006.581686] path_mount+0x1429/0x2120 [ 1006.582020] ? strncpy_from_user+0x9e/0x470 [ 1006.582377] ? finish_automount+0xa90/0xa90 [ 1006.582736] ? getname_flags.part.0+0x1dd/0x4f0 [ 1006.583124] ? _copy_from_user+0xfb/0x1b0 [ 1006.583473] __x64_sys_mount+0x282/0x300 [ 1006.583810] ? copy_mnt_ns+0xa00/0xa00 [ 1006.584137] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1006.584571] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1006.584998] do_syscall_64+0x33/0x40 [ 1006.585307] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1006.585728] RIP: 0033:0x7ff91eae3b19 [ 1006.586075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1006.586702] 9pnet: Insufficient options for proto=fd [ 1006.587615] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1006.587630] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 1006.587637] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1006.587651] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 1006.590749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1006.591410] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 1006.592143] 9pnet: Insufficient options for proto=fd [ 1006.598836] FAULT_INJECTION: forcing a failure. [ 1006.598836] name failslab, interval 1, probability 0, space 0, times 0 [ 1006.600469] CPU: 1 PID: 8693 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1006.601090] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1006.601902] Call Trace: [ 1006.602153] dump_stack+0x107/0x167 [ 1006.602544] should_fail.cold+0x5/0xa [ 1006.602905] should_failslab+0x5/0x20 [ 1006.603331] __kmalloc_track_caller+0x79/0x370 [ 1006.603760] ? p9_client_create+0x51e/0x11c0 [ 1006.604172] kmemdup_nul+0x2d/0xa0 [ 1006.604567] p9_client_create+0x51e/0x11c0 [ 1006.604964] ? p9_client_flush+0x430/0x430 [ 1006.605511] ? trace_hardirqs_on+0x5b/0x180 [ 1006.605927] ? lockdep_init_map_type+0x2c7/0x780 [ 1006.606476] ? __raw_spin_lock_init+0x36/0x110 [ 1006.606903] v9fs_session_init+0x1dd/0x1680 [ 1006.607351] ? lock_release+0x680/0x680 [ 1006.607724] ? kmem_cache_alloc_trace+0x151/0x320 [ 1006.608171] ? v9fs_show_options+0x690/0x690 [ 1006.608661] ? trace_hardirqs_on+0x5b/0x180 [ 1006.609063] ? kasan_unpoison_shadow+0x33/0x50 [ 1006.609538] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1006.610023] v9fs_mount+0x79/0x8f0 [ 1006.610404] ? v9fs_write_inode+0x60/0x60 [ 1006.610788] legacy_get_tree+0x105/0x220 [ 1006.611170] vfs_get_tree+0x8e/0x300 [ 1006.611562] path_mount+0x1429/0x2120 [ 1006.611919] ? strncpy_from_user+0x9e/0x470 [ 1006.612366] ? finish_automount+0xa90/0xa90 [ 1006.612765] ? getname_flags.part.0+0x1dd/0x4f0 [ 1006.613191] ? _copy_from_user+0xfb/0x1b0 [ 1006.613659] __x64_sys_mount+0x282/0x300 [ 1006.614049] ? copy_mnt_ns+0xa00/0xa00 [ 1006.614476] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1006.614957] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1006.615486] do_syscall_64+0x33/0x40 [ 1006.615832] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1006.616346] RIP: 0033:0x7ff4194adb19 [ 1006.616688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1006.618501] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1006.619197] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1006.619897] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1006.620592] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1006.621285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1006.621962] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:03:02 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 14:03:02 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 27) 14:03:02 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1006.743603] 9pnet: Insufficient options for proto=fd [ 1006.760982] FAULT_INJECTION: forcing a failure. [ 1006.760982] name failslab, interval 1, probability 0, space 0, times 0 [ 1006.762282] CPU: 0 PID: 9011 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1006.762966] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1006.763709] Call Trace: [ 1006.764091] dump_stack+0x107/0x167 [ 1006.764426] should_fail.cold+0x5/0xa [ 1006.764828] ? create_object.isra.0+0x3a/0xa20 [ 1006.765278] should_failslab+0x5/0x20 [ 1006.765638] kmem_cache_alloc+0x5b/0x310 [ 1006.766100] create_object.isra.0+0x3a/0xa20 [ 1006.766531] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1006.767069] __kmalloc_track_caller+0x177/0x370 [ 1006.767516] ? p9_client_create+0x598/0x11c0 [ 1006.768032] kmemdup_nul+0x2d/0xa0 [ 1006.768372] p9_client_create+0x598/0x11c0 [ 1006.771695] ? p9_client_flush+0x430/0x430 [ 1006.772540] ? trace_hardirqs_on+0x5b/0x180 [ 1006.773053] ? lockdep_init_map_type+0x2c7/0x780 [ 1006.773506] ? __raw_spin_lock_init+0x36/0x110 [ 1006.773937] v9fs_session_init+0x1dd/0x1680 [ 1006.775277] ? lock_release+0x680/0x680 [ 1006.775659] ? kmem_cache_alloc_trace+0x151/0x320 [ 1006.776378] ? v9fs_show_options+0x690/0x690 [ 1006.776848] ? trace_hardirqs_on+0x5b/0x180 [ 1006.777264] ? kasan_unpoison_shadow+0x33/0x50 [ 1006.777932] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1006.778550] v9fs_mount+0x79/0x8f0 [ 1006.779002] ? v9fs_write_inode+0x60/0x60 [ 1006.779407] legacy_get_tree+0x105/0x220 [ 1006.780015] vfs_get_tree+0x8e/0x300 [ 1006.780363] path_mount+0x1429/0x2120 [ 1006.780982] ? strncpy_from_user+0x9e/0x470 [ 1006.781385] ? finish_automount+0xa90/0xa90 [ 1006.781995] ? getname_flags.part.0+0x1dd/0x4f0 [ 1006.782440] ? _copy_from_user+0xfb/0x1b0 [ 1006.783046] __x64_sys_mount+0x282/0x300 [ 1006.783447] ? copy_mnt_ns+0xa00/0xa00 [ 1006.783905] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1006.784551] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1006.785328] do_syscall_64+0x33/0x40 [ 1006.785774] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1006.786397] RIP: 0033:0x7ff4194adb19 [ 1006.786760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1006.789988] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1006.790702] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1006.791544] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1006.792586] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1006.793451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1006.794188] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:03:16 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98eb, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:16 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 28) [ 1020.636101] 9pnet: Insufficient options for proto=fd [ 1020.642943] FAULT_INJECTION: forcing a failure. [ 1020.642943] name failslab, interval 1, probability 0, space 0, times 0 [ 1020.643982] CPU: 1 PID: 9136 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1020.644599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1020.645347] Call Trace: [ 1020.645602] dump_stack+0x107/0x167 [ 1020.645945] should_fail.cold+0x5/0xa [ 1020.646324] should_failslab+0x5/0x20 [ 1020.646683] __kmalloc_track_caller+0x79/0x370 [ 1020.647106] ? parse_opts.part.0+0x8e/0x340 [ 1020.647511] kstrdup+0x36/0x70 [ 1020.647815] parse_opts.part.0+0x8e/0x340 [ 1020.648203] ? p9_fd_show_options+0x1c0/0x1c0 [ 1020.648245] FAULT_INJECTION: forcing a failure. [ 1020.648245] name failslab, interval 1, probability 0, space 0, times 0 [ 1020.648592] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1020.648605] ? quarantine_put+0x8b/0x1a0 [ 1020.648621] ? trace_hardirqs_on+0x5b/0x180 [ 1020.650667] ? kfree+0xd7/0x340 [ 1020.650958] p9_fd_create+0x98/0x4a0 [ 1020.651277] ? p9_conn_create+0x510/0x510 [ 1020.651636] ? p9_client_create+0x798/0x11c0 [ 1020.652011] ? kfree+0xd7/0x340 [ 1020.652301] p9_client_create+0x7ff/0x11c0 [ 1020.652669] ? p9_client_flush+0x430/0x430 [ 1020.653031] ? trace_hardirqs_on+0x5b/0x180 [ 1020.653398] ? lockdep_init_map_type+0x2c7/0x780 [ 1020.653808] ? __raw_spin_lock_init+0x36/0x110 [ 1020.654216] v9fs_session_init+0x1dd/0x1680 [ 1020.654587] ? lock_release+0x680/0x680 [ 1020.654930] ? kmem_cache_alloc_trace+0x151/0x320 [ 1020.655337] ? v9fs_show_options+0x690/0x690 [ 1020.655717] ? trace_hardirqs_on+0x5b/0x180 [ 1020.656085] ? kasan_unpoison_shadow+0x33/0x50 [ 1020.656477] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1020.656913] v9fs_mount+0x79/0x8f0 [ 1020.657218] ? v9fs_write_inode+0x60/0x60 [ 1020.657575] legacy_get_tree+0x105/0x220 [ 1020.657921] vfs_get_tree+0x8e/0x300 [ 1020.658247] path_mount+0x1429/0x2120 [ 1020.658578] ? strncpy_from_user+0x9e/0x470 [ 1020.658945] ? finish_automount+0xa90/0xa90 [ 1020.659311] ? getname_flags.part.0+0x1dd/0x4f0 [ 1020.659708] ? _copy_from_user+0xfb/0x1b0 [ 1020.660065] __x64_sys_mount+0x282/0x300 [ 1020.660410] ? copy_mnt_ns+0xa00/0xa00 [ 1020.660748] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1020.661192] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1020.661631] do_syscall_64+0x33/0x40 [ 1020.661949] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1020.662395] RIP: 0033:0x7ff4194adb19 [ 1020.662713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1020.664245] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1020.664889] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1020.665487] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1020.666323] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1020.667551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1020.668773] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 1020.670032] CPU: 0 PID: 9159 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 1020.670735] 9pnet: Insufficient options for proto=fd [ 1020.670779] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1020.670788] Call Trace: [ 1020.673661] dump_stack+0x107/0x167 [ 1020.674171] should_fail.cold+0x5/0xa [ 1020.674527] ? create_object.isra.0+0x3a/0xa20 [ 1020.674944] should_failslab+0x5/0x20 [ 1020.675292] kmem_cache_alloc+0x5b/0x310 [ 1020.675669] create_object.isra.0+0x3a/0xa20 [ 1020.676071] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1020.676535] __kmalloc_track_caller+0x177/0x370 [ 1020.676963] ? match_number+0xaf/0x1d0 [ 1020.677326] kmemdup_nul+0x2d/0xa0 [ 1020.677655] match_number+0xaf/0x1d0 [ 1020.678014] ? match_u64+0x190/0x190 [ 1020.678360] ? __kmalloc_track_caller+0x2c6/0x370 [ 1020.678800] ? memcpy+0x39/0x60 [ 1020.679112] parse_opts.part.0+0x1f3/0x340 [ 1020.679504] ? p9_fd_show_options+0x1c0/0x1c0 [ 1020.679921] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1020.680392] ? trace_hardirqs_on+0x5b/0x180 [ 1020.680788] ? kfree+0xd7/0x340 [ 1020.681101] p9_fd_create+0x98/0x4a0 [ 1020.681450] ? p9_conn_create+0x510/0x510 [ 1020.681836] ? p9_client_create+0x798/0x11c0 [ 1020.682300] ? kfree+0xd7/0x340 [ 1020.682604] p9_client_create+0x7ff/0x11c0 [ 1020.682996] ? p9_client_flush+0x430/0x430 [ 1020.683383] ? trace_hardirqs_on+0x5b/0x180 [ 1020.683775] ? lockdep_init_map_type+0x2c7/0x780 [ 1020.684209] ? __raw_spin_lock_init+0x36/0x110 [ 1020.684630] v9fs_session_init+0x1dd/0x1680 [ 1020.685027] ? lock_release+0x680/0x680 [ 1020.685401] ? kmem_cache_alloc_trace+0x151/0x320 [ 1020.685845] ? v9fs_show_options+0x690/0x690 [ 1020.686309] ? trace_hardirqs_on+0x5b/0x180 [ 1020.686706] ? kasan_unpoison_shadow+0x33/0x50 [ 1020.690558] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1020.690984] v9fs_mount+0x79/0x8f0 [ 1020.691284] ? v9fs_write_inode+0x60/0x60 [ 1020.691631] legacy_get_tree+0x105/0x220 [ 1020.691970] vfs_get_tree+0x8e/0x300 [ 1020.692280] path_mount+0x1429/0x2120 [ 1020.692606] ? strncpy_from_user+0x9e/0x470 [ 1020.692965] ? finish_automount+0xa90/0xa90 [ 1020.693324] ? getname_flags.part.0+0x1dd/0x4f0 [ 1020.693711] ? _copy_from_user+0xfb/0x1b0 [ 1020.694102] __x64_sys_mount+0x282/0x300 [ 1020.694442] ? copy_mnt_ns+0xa00/0xa00 [ 1020.694769] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1020.695205] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1020.695635] do_syscall_64+0x33/0x40 [ 1020.695945] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1020.696370] RIP: 0033:0x7ff91eae3b19 [ 1020.696682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1020.698227] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1020.698862] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 1020.699450] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1020.700038] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 1020.700625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1020.701213] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:03:16 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:16 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:16 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x7, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:16 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 33) 14:03:16 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) 14:03:16 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x900, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:16 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 14:03:16 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98ec, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:17 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 29) 14:03:17 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x5, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:17 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x8, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1020.847893] FAULT_INJECTION: forcing a failure. [ 1020.847893] name failslab, interval 1, probability 0, space 0, times 0 [ 1020.849016] CPU: 0 PID: 9368 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1020.849629] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1020.850428] Call Trace: [ 1020.850679] dump_stack+0x107/0x167 [ 1020.851096] should_fail.cold+0x5/0xa [ 1020.851449] ? create_object.isra.0+0x3a/0xa20 [ 1020.851922] should_failslab+0x5/0x20 [ 1020.852271] kmem_cache_alloc+0x5b/0x310 [ 1020.852643] ? legacy_get_tree+0x105/0x220 [ 1020.853076] ? vfs_get_tree+0x8e/0x300 [ 1020.853431] create_object.isra.0+0x3a/0xa20 [ 1020.853889] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1020.854366] __kmalloc_track_caller+0x177/0x370 [ 1020.854866] ? parse_opts.part.0+0x8e/0x340 [ 1020.855273] kstrdup+0x36/0x70 [ 1020.855573] parse_opts.part.0+0x8e/0x340 [ 1020.856004] ? p9_fd_show_options+0x1c0/0x1c0 [ 1020.856420] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1020.856977] ? quarantine_put+0x8b/0x1a0 [ 1020.857347] ? trace_hardirqs_on+0x5b/0x180 [ 1020.857751] ? kfree+0xd7/0x340 [ 1020.858136] p9_fd_create+0x98/0x4a0 [ 1020.858481] ? p9_conn_create+0x510/0x510 [ 1020.858937] ? p9_client_create+0x798/0x11c0 [ 1020.859336] ? kfree+0xd7/0x340 [ 1020.859645] p9_client_create+0x7ff/0x11c0 [ 1020.860090] ? p9_client_flush+0x430/0x430 [ 1020.860476] ? trace_hardirqs_on+0x5b/0x180 [ 1020.860922] ? lockdep_init_map_type+0x2c7/0x780 [ 1020.861362] ? __raw_spin_lock_init+0x36/0x110 [ 1020.861851] v9fs_session_init+0x1dd/0x1680 [ 1020.862279] ? lock_release+0x680/0x680 [ 1020.862652] ? kmem_cache_alloc_trace+0x151/0x320 [ 1020.863176] ? v9fs_show_options+0x690/0x690 [ 1020.863588] ? trace_hardirqs_on+0x5b/0x180 [ 1020.864045] ? kasan_unpoison_shadow+0x33/0x50 [ 1020.864468] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1020.864986] v9fs_mount+0x79/0x8f0 [ 1020.865320] ? v9fs_write_inode+0x60/0x60 [ 1020.865706] legacy_get_tree+0x105/0x220 [ 1020.866153] vfs_get_tree+0x8e/0x300 [ 1020.866498] path_mount+0x1429/0x2120 [ 1020.866932] ? strncpy_from_user+0x9e/0x470 [ 1020.867324] ? finish_automount+0xa90/0xa90 [ 1020.867727] ? getname_flags.part.0+0x1dd/0x4f0 [ 1020.868201] ? _copy_from_user+0xfb/0x1b0 [ 1020.868594] __x64_sys_mount+0x282/0x300 [ 1020.869017] ? copy_mnt_ns+0xa00/0xa00 [ 1020.869372] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1020.869895] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1020.870385] do_syscall_64+0x33/0x40 [ 1020.870729] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1020.871261] RIP: 0033:0x7ff4194adb19 [ 1020.871594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1020.873340] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1020.874102] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1020.876641] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1020.877342] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1020.878045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1020.878703] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:03:31 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 14:03:31 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98ed, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:31 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 34) 14:03:31 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 30) 14:03:31 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xa00, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:31 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:31 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x9, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:31 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x10, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1035.094504] FAULT_INJECTION: forcing a failure. [ 1035.094504] name failslab, interval 1, probability 0, space 0, times 0 [ 1035.095534] CPU: 0 PID: 9593 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 1035.096147] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1035.096882] Call Trace: [ 1035.097144] dump_stack+0x107/0x167 [ 1035.097467] should_fail.cold+0x5/0xa [ 1035.097809] ? p9_fd_create+0x161/0x4a0 [ 1035.098174] should_failslab+0x5/0x20 [ 1035.098516] kmem_cache_alloc_trace+0x55/0x320 [ 1035.098922] p9_fd_create+0x161/0x4a0 [ 1035.099257] ? p9_conn_create+0x510/0x510 [ 1035.099618] ? p9_client_create+0x798/0x11c0 [ 1035.100003] ? kfree+0xd7/0x340 [ 1035.100301] p9_client_create+0x7ff/0x11c0 [ 1035.100678] ? p9_client_flush+0x430/0x430 [ 1035.101053] ? trace_hardirqs_on+0x5b/0x180 [ 1035.101434] ? lockdep_init_map_type+0x2c7/0x780 [ 1035.101855] ? __raw_spin_lock_init+0x36/0x110 [ 1035.102281] v9fs_session_init+0x1dd/0x1680 [ 1035.102659] ? lock_release+0x680/0x680 [ 1035.103017] ? kmem_cache_alloc_trace+0x151/0x320 [ 1035.103436] ? v9fs_show_options+0x690/0x690 [ 1035.103828] ? trace_hardirqs_on+0x5b/0x180 [ 1035.104209] ? kasan_unpoison_shadow+0x33/0x50 [ 1035.104609] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1035.105058] v9fs_mount+0x79/0x8f0 [ 1035.105374] ? v9fs_write_inode+0x60/0x60 [ 1035.105740] legacy_get_tree+0x105/0x220 [ 1035.106099] vfs_get_tree+0x8e/0x300 [ 1035.106445] path_mount+0x1429/0x2120 [ 1035.106785] ? strncpy_from_user+0x9e/0x470 [ 1035.107162] ? finish_automount+0xa90/0xa90 [ 1035.107540] ? getname_flags.part.0+0x1dd/0x4f0 [ 1035.107948] ? _copy_from_user+0xfb/0x1b0 [ 1035.108315] __x64_sys_mount+0x282/0x300 [ 1035.108669] ? copy_mnt_ns+0xa00/0xa00 [ 1035.109015] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1035.109473] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1035.109931] do_syscall_64+0x33/0x40 [ 1035.110282] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1035.110730] RIP: 0033:0x7ff91eae3b19 [ 1035.111060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1035.112636] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1035.113294] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 1035.113915] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1035.114550] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 1035.115166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1035.115785] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 1035.125749] FAULT_INJECTION: forcing a failure. [ 1035.125749] name failslab, interval 1, probability 0, space 0, times 0 [ 1035.126905] CPU: 0 PID: 9644 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1035.127495] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1035.128212] Call Trace: [ 1035.128450] dump_stack+0x107/0x167 [ 1035.128771] should_fail.cold+0x5/0xa [ 1035.129117] should_failslab+0x5/0x20 [ 1035.129452] __kmalloc_track_caller+0x79/0x370 [ 1035.129854] ? match_number+0xaf/0x1d0 [ 1035.130220] kmemdup_nul+0x2d/0xa0 [ 1035.130539] match_number+0xaf/0x1d0 [ 1035.130869] ? match_u64+0x190/0x190 [ 1035.131197] ? __kmalloc_track_caller+0x2c6/0x370 [ 1035.131623] ? memcpy+0x39/0x60 [ 1035.131921] parse_opts.part.0+0x1f3/0x340 [ 1035.132294] ? p9_fd_show_options+0x1c0/0x1c0 [ 1035.132690] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1035.133148] ? trace_hardirqs_on+0x5b/0x180 [ 1035.133531] ? kfree+0xd7/0x340 [ 1035.133829] p9_fd_create+0x98/0x4a0 [ 1035.134167] ? p9_conn_create+0x510/0x510 [ 1035.134536] ? p9_client_create+0x798/0x11c0 [ 1035.134924] ? kfree+0xd7/0x340 [ 1035.135223] p9_client_create+0x7ff/0x11c0 [ 1035.135602] ? p9_client_flush+0x430/0x430 [ 1035.135977] ? trace_hardirqs_on+0x5b/0x180 [ 1035.136356] ? lockdep_init_map_type+0x2c7/0x780 [ 1035.136776] ? __raw_spin_lock_init+0x36/0x110 [ 1035.137182] v9fs_session_init+0x1dd/0x1680 [ 1035.137565] ? lock_release+0x680/0x680 [ 1035.137928] ? kmem_cache_alloc_trace+0x151/0x320 [ 1035.138377] ? v9fs_show_options+0x690/0x690 [ 1035.138773] ? trace_hardirqs_on+0x5b/0x180 [ 1035.139162] ? kasan_unpoison_shadow+0x33/0x50 [ 1035.139568] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1035.140017] v9fs_mount+0x79/0x8f0 [ 1035.140333] ? v9fs_write_inode+0x60/0x60 [ 1035.140701] legacy_get_tree+0x105/0x220 [ 1035.141061] vfs_get_tree+0x8e/0x300 [ 1035.141388] path_mount+0x1429/0x2120 [ 1035.141728] ? strncpy_from_user+0x9e/0x470 [ 1035.142105] ? finish_automount+0xa90/0xa90 [ 1035.142509] ? getname_flags.part.0+0x1dd/0x4f0 [ 1035.142926] ? _copy_from_user+0xfb/0x1b0 [ 1035.143302] __x64_sys_mount+0x282/0x300 [ 1035.143657] ? copy_mnt_ns+0xa00/0xa00 [ 1035.144000] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1035.144455] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1035.144889] do_syscall_64+0x33/0x40 [ 1035.145197] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1035.145618] RIP: 0033:0x7ff4194adb19 [ 1035.145932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1035.147463] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1035.148110] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1035.148697] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1035.149282] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1035.149870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1035.150473] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:03:31 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xa, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:31 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98ee, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:31 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2e, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1035.203482] 9pnet: Insufficient options for proto=fd 14:03:31 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 35) 14:03:31 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 31) 14:03:31 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1035.287876] FAULT_INJECTION: forcing a failure. [ 1035.287876] name failslab, interval 1, probability 0, space 0, times 0 [ 1035.288948] CPU: 0 PID: 9884 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 1035.289552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1035.290289] Call Trace: [ 1035.290535] dump_stack+0x107/0x167 [ 1035.290866] should_fail.cold+0x5/0xa [ 1035.291215] ? create_object.isra.0+0x3a/0xa20 [ 1035.291624] should_failslab+0x5/0x20 [ 1035.291967] kmem_cache_alloc+0x5b/0x310 [ 1035.292332] ? p9_fd_show_options+0x1c0/0x1c0 [ 1035.292730] create_object.isra.0+0x3a/0xa20 [ 1035.293120] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1035.293572] kmem_cache_alloc_trace+0x151/0x320 [ 1035.293985] p9_fd_create+0x161/0x4a0 [ 1035.294344] ? p9_conn_create+0x510/0x510 [ 1035.294712] ? p9_client_create+0x798/0x11c0 [ 1035.295103] ? kfree+0xd7/0x340 [ 1035.295402] p9_client_create+0x7ff/0x11c0 [ 1035.295782] ? p9_client_flush+0x430/0x430 [ 1035.296168] ? trace_hardirqs_on+0x5b/0x180 [ 1035.296555] ? lockdep_init_map_type+0x2c7/0x780 [ 1035.296979] ? __raw_spin_lock_init+0x36/0x110 [ 1035.297393] v9fs_session_init+0x1dd/0x1680 [ 1035.297774] ? lock_release+0x680/0x680 [ 1035.298136] ? kmem_cache_alloc_trace+0x151/0x320 [ 1035.298572] ? v9fs_show_options+0x690/0x690 [ 1035.298966] ? trace_hardirqs_on+0x5b/0x180 [ 1035.299348] ? kasan_unpoison_shadow+0x33/0x50 [ 1035.299751] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1035.300207] v9fs_mount+0x79/0x8f0 [ 1035.300524] ? v9fs_write_inode+0x60/0x60 [ 1035.300895] legacy_get_tree+0x105/0x220 [ 1035.301252] vfs_get_tree+0x8e/0x300 [ 1035.301580] path_mount+0x1429/0x2120 [ 1035.301923] ? strncpy_from_user+0x9e/0x470 [ 1035.302324] ? finish_automount+0xa90/0xa90 [ 1035.302705] ? getname_flags.part.0+0x1dd/0x4f0 [ 1035.303124] ? _copy_from_user+0xfb/0x1b0 [ 1035.303499] __x64_sys_mount+0x282/0x300 [ 1035.303858] ? copy_mnt_ns+0xa00/0xa00 [ 1035.304203] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1035.304664] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1035.305118] do_syscall_64+0x33/0x40 [ 1035.305450] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1035.305899] RIP: 0033:0x7ff91eae3b19 [ 1035.306245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1035.307820] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1035.308478] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 1035.309093] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1035.309710] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 1035.310339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1035.310956] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 1035.333727] FAULT_INJECTION: forcing a failure. 14:03:31 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98ef, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1035.333727] name failslab, interval 1, probability 0, space 0, times 0 [ 1035.334783] CPU: 0 PID: 9997 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1035.335365] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1035.336084] Call Trace: [ 1035.336318] dump_stack+0x107/0x167 [ 1035.336639] should_fail.cold+0x5/0xa [ 1035.336976] ? create_object.isra.0+0x3a/0xa20 [ 1035.337381] should_failslab+0x5/0x20 [ 1035.337721] kmem_cache_alloc+0x5b/0x310 [ 1035.338083] create_object.isra.0+0x3a/0xa20 [ 1035.338493] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1035.338949] __kmalloc_track_caller+0x177/0x370 [ 1035.339358] ? match_number+0xaf/0x1d0 [ 1035.339711] kmemdup_nul+0x2d/0xa0 [ 1035.340025] match_number+0xaf/0x1d0 [ 1035.340354] ? match_u64+0x190/0x190 [ 1035.340685] ? __kmalloc_track_caller+0x2c6/0x370 [ 1035.341111] ? memcpy+0x39/0x60 [ 1035.341411] parse_opts.part.0+0x1f3/0x340 [ 1035.341789] ? p9_fd_show_options+0x1c0/0x1c0 [ 1035.342200] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1035.342663] ? trace_hardirqs_on+0x5b/0x180 [ 1035.343047] ? kfree+0xd7/0x340 [ 1035.343347] p9_fd_create+0x98/0x4a0 [ 1035.343679] ? p9_conn_create+0x510/0x510 [ 1035.344049] ? p9_client_create+0x798/0x11c0 [ 1035.344438] ? kfree+0xd7/0x340 [ 1035.344736] p9_client_create+0x7ff/0x11c0 [ 1035.345116] ? p9_client_flush+0x430/0x430 [ 1035.345487] ? trace_hardirqs_on+0x5b/0x180 [ 1035.345868] ? lockdep_init_map_type+0x2c7/0x780 [ 1035.346304] ? __raw_spin_lock_init+0x36/0x110 [ 1035.346710] v9fs_session_init+0x1dd/0x1680 [ 1035.347090] ? lock_release+0x680/0x680 [ 1035.347446] ? kmem_cache_alloc_trace+0x151/0x320 [ 1035.347866] ? v9fs_show_options+0x690/0x690 [ 1035.348256] ? trace_hardirqs_on+0x5b/0x180 [ 1035.348638] ? kasan_unpoison_shadow+0x33/0x50 [ 1035.349043] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1035.349491] v9fs_mount+0x79/0x8f0 [ 1035.349812] ? v9fs_write_inode+0x60/0x60 [ 1035.350191] legacy_get_tree+0x105/0x220 [ 1035.350553] vfs_get_tree+0x8e/0x300 [ 1035.350887] path_mount+0x1429/0x2120 [ 1035.351233] ? strncpy_from_user+0x9e/0x470 [ 1035.351610] ? finish_automount+0xa90/0xa90 [ 1035.351997] ? getname_flags.part.0+0x1dd/0x4f0 [ 1035.352409] ? _copy_from_user+0xfb/0x1b0 [ 1035.352780] __x64_sys_mount+0x282/0x300 [ 1035.353136] ? copy_mnt_ns+0xa00/0xa00 [ 1035.353483] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1035.353948] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1035.354420] do_syscall_64+0x33/0x40 [ 1035.354750] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1035.355204] RIP: 0033:0x7ff4194adb19 [ 1035.355536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1035.357127] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1035.357791] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1035.358425] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1035.359045] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1035.359662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1035.360289] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:03:31 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xb00, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:31 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 14:03:31 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xb, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:31 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:31 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98f0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:31 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:31 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98f1, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:31 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x13a, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:31 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 36) 14:03:31 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x10, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1035.615266] FAULT_INJECTION: forcing a failure. [ 1035.615266] name failslab, interval 1, probability 0, space 0, times 0 [ 1035.616296] CPU: 1 PID: 10420 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 1035.616897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1035.617593] Call Trace: [ 1035.617835] dump_stack+0x107/0x167 [ 1035.618162] should_fail.cold+0x5/0xa [ 1035.618564] ? p9_client_prepare_req.part.0+0x3a/0xac0 [ 1035.619011] should_failslab+0x5/0x20 [ 1035.619335] kmem_cache_alloc+0x5b/0x310 [ 1035.619684] p9_client_prepare_req.part.0+0x3a/0xac0 [ 1035.620124] p9_client_rpc+0x220/0x1370 [ 1035.620464] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1035.620911] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1035.621364] ? pipe_poll+0x21b/0x7f0 [ 1035.621681] ? p9_fd_close+0x4a0/0x4a0 [ 1035.622010] ? anon_pipe_buf_release+0x280/0x280 [ 1035.622455] ? p9_fd_poll+0x1e0/0x2c0 [ 1035.622788] ? p9_fd_create+0x357/0x4a0 [ 1035.623124] ? p9_conn_create+0x510/0x510 [ 1035.623473] ? p9_client_create+0x798/0x11c0 [ 1035.623843] ? kfree+0xd7/0x340 [ 1035.624127] p9_client_create+0xa76/0x11c0 [ 1035.624490] ? p9_client_flush+0x430/0x430 [ 1035.624850] ? trace_hardirqs_on+0x5b/0x180 [ 1035.625216] ? lockdep_init_map_type+0x2c7/0x780 [ 1035.625618] ? __raw_spin_lock_init+0x36/0x110 [ 1035.626014] v9fs_session_init+0x1dd/0x1680 [ 1035.626482] ? lock_release+0x680/0x680 [ 1035.626825] ? kmem_cache_alloc_trace+0x151/0x320 [ 1035.627233] ? v9fs_show_options+0x690/0x690 [ 1035.627609] ? trace_hardirqs_on+0x5b/0x180 [ 1035.627976] ? kasan_unpoison_shadow+0x33/0x50 [ 1035.628361] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1035.628799] v9fs_mount+0x79/0x8f0 [ 1035.629103] ? v9fs_write_inode+0x60/0x60 [ 1035.629455] legacy_get_tree+0x105/0x220 [ 1035.629799] vfs_get_tree+0x8e/0x300 [ 1035.630114] path_mount+0x1429/0x2120 [ 1035.630462] ? strncpy_from_user+0x9e/0x470 [ 1035.630827] ? finish_automount+0xa90/0xa90 [ 1035.631193] ? getname_flags.part.0+0x1dd/0x4f0 [ 1035.631600] ? _copy_from_user+0xfb/0x1b0 [ 1035.631962] __x64_sys_mount+0x282/0x300 [ 1035.632307] ? copy_mnt_ns+0xa00/0xa00 [ 1035.632644] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1035.633089] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1035.633529] do_syscall_64+0x33/0x40 [ 1035.633852] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1035.634303] RIP: 0033:0x7ff91eae3b19 [ 1035.634624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1035.636182] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1035.636828] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 1035.637438] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1035.638039] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 1035.638659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1035.639268] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:03:31 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1a7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:45 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x700, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:45 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2a7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:45 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 32) [ 1049.735354] FAULT_INJECTION: forcing a failure. [ 1049.735354] name failslab, interval 1, probability 0, space 0, times 0 [ 1049.736384] CPU: 1 PID: 10699 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1049.737012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1049.737746] Call Trace: [ 1049.737975] dump_stack+0x107/0x167 [ 1049.738281] should_fail.cold+0x5/0xa [ 1049.738707] should_failslab+0x5/0x20 [ 1049.739033] __kmalloc_track_caller+0x79/0x370 [ 1049.739417] ? match_number+0xaf/0x1d0 [ 1049.739793] ? kfree+0xd7/0x340 [ 1049.740077] kmemdup_nul+0x2d/0xa0 [ 1049.740376] match_number+0xaf/0x1d0 [ 1049.740747] ? match_u64+0x190/0x190 [ 1049.741060] ? __kmalloc_track_caller+0x2c6/0x370 [ 1049.741464] ? memcpy+0x39/0x60 [ 1049.741794] parse_opts.part.0+0x1f3/0x340 14:03:45 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x8, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:45 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:45 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98f2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:45 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x1020, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:45 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 37) [ 1049.742151] ? p9_fd_show_options+0x1c0/0x1c0 [ 1049.742556] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1049.743072] ? trace_hardirqs_on+0x5b/0x180 [ 1049.743434] ? kfree+0xd7/0x340 [ 1049.743762] p9_fd_create+0x98/0x4a0 [ 1049.744077] ? p9_conn_create+0x510/0x510 [ 1049.744423] ? p9_client_create+0x798/0x11c0 [ 1049.745104] ? kfree+0xd7/0x340 [ 1049.745389] p9_client_create+0x7ff/0x11c0 [ 1049.745795] ? p9_client_flush+0x430/0x430 [ 1049.746152] ? trace_hardirqs_on+0x5b/0x180 [ 1049.746534] ? lockdep_init_map_type+0x2c7/0x780 [ 1049.747014] ? __raw_spin_lock_init+0x36/0x110 [ 1049.747402] v9fs_session_init+0x1dd/0x1680 [ 1049.747818] ? kmem_cache_alloc_trace+0x151/0x320 [ 1049.748222] ? v9fs_show_options+0x690/0x690 [ 1049.748596] ? trace_hardirqs_on+0x5b/0x180 [ 1049.749014] ? kasan_unpoison_shadow+0x33/0x50 [ 1049.749397] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1049.749873] v9fs_mount+0x79/0x8f0 [ 1049.750177] ? v9fs_write_inode+0x60/0x60 [ 1049.750545] legacy_get_tree+0x105/0x220 [ 1049.750967] vfs_get_tree+0x8e/0x300 [ 1049.751281] path_mount+0x1429/0x2120 [ 1049.751604] ? strncpy_from_user+0x9e/0x470 [ 1049.752013] ? finish_automount+0xa90/0xa90 [ 1049.752374] ? getname_flags.part.0+0x1dd/0x4f0 [ 1049.752818] ? _copy_from_user+0xfb/0x1b0 [ 1049.753169] __x64_sys_mount+0x282/0x300 [ 1049.753507] ? copy_mnt_ns+0xa00/0xa00 [ 1049.753883] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1049.754329] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1049.754844] do_syscall_64+0x33/0x40 [ 1049.755158] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1049.755585] RIP: 0033:0x7ff4194adb19 [ 1049.755942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1049.758337] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1049.759053] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1049.759694] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1049.760286] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1049.760929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1049.761523] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 1049.762251] 9pnet: Insufficient options for proto=fd [ 1049.783264] FAULT_INJECTION: forcing a failure. [ 1049.783264] name failslab, interval 1, probability 0, space 0, times 0 [ 1049.784371] CPU: 1 PID: 10762 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 1049.785004] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1049.785736] Call Trace: [ 1049.785965] dump_stack+0x107/0x167 [ 1049.786272] should_fail.cold+0x5/0xa [ 1049.786687] ? create_object.isra.0+0x3a/0xa20 [ 1049.787083] should_failslab+0x5/0x20 [ 1049.787403] kmem_cache_alloc+0x5b/0x310 [ 1049.787796] create_object.isra.0+0x3a/0xa20 [ 1049.788166] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1049.788594] kmem_cache_alloc+0x159/0x310 [ 1049.789004] p9_client_prepare_req.part.0+0x3a/0xac0 [ 1049.789433] p9_client_rpc+0x220/0x1370 [ 1049.789815] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1049.790260] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1049.790808] ? pipe_poll+0x21b/0x7f0 [ 1049.791122] ? p9_fd_close+0x4a0/0x4a0 [ 1049.791448] ? anon_pipe_buf_release+0x280/0x280 [ 1049.791894] ? p9_fd_poll+0x1e0/0x2c0 [ 1049.792220] ? p9_fd_create+0x357/0x4a0 [ 1049.792553] ? p9_conn_create+0x510/0x510 [ 1049.792968] ? p9_client_create+0x798/0x11c0 [ 1049.793339] ? kfree+0xd7/0x340 [ 1049.793663] p9_client_create+0xa76/0x11c0 [ 1049.794033] ? p9_client_flush+0x430/0x430 [ 1049.794403] ? trace_hardirqs_on+0x5b/0x180 [ 1049.794852] ? lockdep_init_map_type+0x2c7/0x780 [ 1049.795254] ? __raw_spin_lock_init+0x36/0x110 [ 1049.795692] v9fs_session_init+0x1dd/0x1680 [ 1049.796066] ? lock_release+0x680/0x680 [ 1049.796404] ? kmem_cache_alloc_trace+0x151/0x320 [ 1049.796867] ? v9fs_show_options+0x690/0x690 [ 1049.797242] ? trace_hardirqs_on+0x5b/0x180 [ 1049.797605] ? kasan_unpoison_shadow+0x33/0x50 [ 1049.798036] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1049.798481] v9fs_mount+0x79/0x8f0 [ 1049.798861] ? v9fs_write_inode+0x60/0x60 [ 1049.799214] legacy_get_tree+0x105/0x220 [ 1049.799555] vfs_get_tree+0x8e/0x300 [ 1049.799913] path_mount+0x1429/0x2120 [ 1049.800239] ? strncpy_from_user+0x9e/0x470 [ 1049.800600] ? finish_automount+0xa90/0xa90 [ 1049.801017] ? getname_flags.part.0+0x1dd/0x4f0 [ 1049.801408] ? _copy_from_user+0xfb/0x1b0 [ 1049.801806] __x64_sys_mount+0x282/0x300 [ 1049.802149] ? copy_mnt_ns+0xa00/0xa00 [ 1049.802495] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1049.803013] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1049.803446] do_syscall_64+0x33/0x40 [ 1049.803806] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1049.804235] RIP: 0033:0x7ff91eae3b19 [ 1049.804547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1049.806157] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1049.806886] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 1049.807478] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1049.808115] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 1049.808765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1049.809357] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:03:46 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98f3, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:46 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 33) 14:03:46 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:46 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:46 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x900, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:46 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x8, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:03:46 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98f4, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1049.934110] FAULT_INJECTION: forcing a failure. [ 1049.934110] name failslab, interval 1, probability 0, space 0, times 0 [ 1049.935193] CPU: 0 PID: 11005 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1049.935774] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1049.936473] Call Trace: [ 1049.936703] dump_stack+0x107/0x167 [ 1049.937015] should_fail.cold+0x5/0xa [ 1049.937343] ? create_object.isra.0+0x3a/0xa20 [ 1049.937733] should_failslab+0x5/0x20 [ 1049.938059] kmem_cache_alloc+0x5b/0x310 [ 1049.938422] create_object.isra.0+0x3a/0xa20 [ 1049.938797] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1049.939230] __kmalloc_track_caller+0x177/0x370 [ 1049.939627] ? match_number+0xaf/0x1d0 [ 1049.939964] kmemdup_nul+0x2d/0xa0 [ 1049.940268] match_number+0xaf/0x1d0 [ 1049.940587] ? match_u64+0x190/0x190 [ 1049.940904] ? __kmalloc_track_caller+0x2c6/0x370 [ 1049.941316] ? memcpy+0x39/0x60 [ 1049.941602] parse_opts.part.0+0x1f3/0x340 [ 1049.941969] ? p9_fd_show_options+0x1c0/0x1c0 [ 1049.942366] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1049.942811] ? trace_hardirqs_on+0x5b/0x180 [ 1049.943180] ? kfree+0xd7/0x340 [ 1049.943467] p9_fd_create+0x98/0x4a0 [ 1049.943783] ? p9_conn_create+0x510/0x510 [ 1049.944135] ? p9_client_create+0x798/0x11c0 [ 1049.944506] ? kfree+0xd7/0x340 [ 1049.944798] p9_client_create+0x7ff/0x11c0 [ 1049.945163] ? p9_client_flush+0x430/0x430 [ 1049.945522] ? trace_hardirqs_on+0x5b/0x180 [ 1049.945890] ? lockdep_init_map_type+0x2c7/0x780 [ 1049.946302] ? __raw_spin_lock_init+0x36/0x110 [ 1049.946703] v9fs_session_init+0x1dd/0x1680 [ 1049.947071] ? lock_release+0x680/0x680 [ 1049.947415] ? kmem_cache_alloc_trace+0x151/0x320 [ 1049.947824] ? v9fs_show_options+0x690/0x690 [ 1049.948205] ? trace_hardirqs_on+0x5b/0x180 [ 1049.948574] ? kasan_unpoison_shadow+0x33/0x50 [ 1049.948964] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1049.949399] v9fs_mount+0x79/0x8f0 [ 1049.949705] ? v9fs_write_inode+0x60/0x60 [ 1049.950060] legacy_get_tree+0x105/0x220 [ 1049.950422] vfs_get_tree+0x8e/0x300 [ 1049.950744] path_mount+0x1429/0x2120 [ 1049.951073] ? strncpy_from_user+0x9e/0x470 [ 1049.951441] ? finish_automount+0xa90/0xa90 [ 1049.951809] ? getname_flags.part.0+0x1dd/0x4f0 [ 1049.952204] ? _copy_from_user+0xfb/0x1b0 [ 1049.952561] __x64_sys_mount+0x282/0x300 [ 1049.952906] ? copy_mnt_ns+0xa00/0xa00 [ 1049.953240] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1049.953687] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1049.954126] do_syscall_64+0x33/0x40 [ 1049.954457] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1049.954907] RIP: 0033:0x7ff4194adb19 [ 1049.955227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1049.956772] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1049.957418] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1049.958021] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1049.958638] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1049.959240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1049.959857] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:03:46 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98f5, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1049.998015] cgroup: fork rejected by pids controller in /syz5 14:04:00 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 34) 14:04:00 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x300, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:00 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98f6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:00 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x8, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1064.513550] FAULT_INJECTION: forcing a failure. [ 1064.513550] name failslab, interval 1, probability 0, space 0, times 0 [ 1064.516083] CPU: 0 PID: 11272 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1064.517356] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1064.518691] Call Trace: [ 1064.519061] dump_stack+0x107/0x167 [ 1064.519371] should_fail.cold+0x5/0xa [ 1064.519697] ? p9_fd_create+0x161/0x4a0 [ 1064.520086] should_failslab+0x5/0x20 [ 1064.520413] kmem_cache_alloc_trace+0x55/0x320 [ 1064.520852] p9_fd_create+0x161/0x4a0 [ 1064.521173] ? p9_conn_create+0x510/0x510 [ 1064.521521] ? p9_client_create+0x798/0x11c0 [ 1064.521961] ? kfree+0xd7/0x340 [ 1064.522251] p9_client_create+0x7ff/0x11c0 [ 1064.522675] ? p9_client_flush+0x430/0x430 [ 1064.523081] ? trace_hardirqs_on+0x5b/0x180 [ 1064.523455] ? lockdep_init_map_type+0x2c7/0x780 [ 1064.523906] ? __raw_spin_lock_init+0x36/0x110 [ 1064.524295] v9fs_session_init+0x1dd/0x1680 [ 1064.524659] ? lock_release+0x680/0x680 [ 1064.525135] ? kmem_cache_alloc_trace+0x151/0x320 [ 1064.525540] ? v9fs_show_options+0x690/0x690 [ 1064.525985] ? trace_hardirqs_on+0x5b/0x180 [ 1064.526356] ? kasan_unpoison_shadow+0x33/0x50 [ 1064.527284] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1064.528197] v9fs_mount+0x79/0x8f0 [ 1064.528864] ? v9fs_write_inode+0x60/0x60 [ 1064.529022] FAULT_INJECTION: forcing a failure. [ 1064.529022] name failslab, interval 1, probability 0, space 0, times 0 [ 1064.529578] legacy_get_tree+0x105/0x220 [ 1064.529596] vfs_get_tree+0x8e/0x300 [ 1064.532242] path_mount+0x1429/0x2120 [ 1064.532952] ? strncpy_from_user+0x9e/0x470 [ 1064.533693] ? finish_automount+0xa90/0xa90 [ 1064.534528] ? getname_flags.part.0+0x1dd/0x4f0 [ 1064.535371] ? _copy_from_user+0xfb/0x1b0 [ 1064.536131] __x64_sys_mount+0x282/0x300 [ 1064.536984] ? copy_mnt_ns+0xa00/0xa00 [ 1064.537648] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1064.538559] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1064.539069] do_syscall_64+0x33/0x40 [ 1064.539395] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1064.539870] RIP: 0033:0x7ff4194adb19 [ 1064.540184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1064.541906] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1064.542725] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1064.544023] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1064.545278] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1064.546575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1064.548138] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 1064.549734] CPU: 1 PID: 11280 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 1064.550490] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1064.551393] Call Trace: [ 1064.551735] dump_stack+0x107/0x167 [ 1064.552118] should_fail.cold+0x5/0xa [ 1064.552527] ? p9_fcall_init+0x97/0x290 [ 1064.552981] should_failslab+0x5/0x20 [ 1064.553341] __kmalloc+0x72/0x390 [ 1064.553788] p9_fcall_init+0x97/0x290 [ 1064.554200] p9_client_prepare_req.part.0+0x8c/0xac0 [ 1064.554800] p9_client_rpc+0x220/0x1370 [ 1064.555218] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1064.555821] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1064.556388] ? pipe_poll+0x21b/0x7f0 [ 1064.556831] ? p9_fd_close+0x4a0/0x4a0 [ 1064.557248] ? anon_pipe_buf_release+0x280/0x280 [ 1064.557798] ? p9_fd_poll+0x1e0/0x2c0 [ 1064.558207] ? p9_fd_create+0x357/0x4a0 [ 1064.558684] ? p9_conn_create+0x510/0x510 [ 1064.559111] ? p9_client_create+0x798/0x11c0 [ 1064.559577] ? kfree+0xd7/0x340 [ 1064.559977] p9_client_create+0xa76/0x11c0 [ 1064.560439] ? p9_client_flush+0x430/0x430 [ 1064.560930] ? trace_hardirqs_on+0x5b/0x180 [ 1064.561391] ? lockdep_init_map_type+0x2c7/0x780 [ 1064.561968] ? __raw_spin_lock_init+0x36/0x110 [ 1064.562468] v9fs_session_init+0x1dd/0x1680 [ 1064.562945] ? lock_release+0x680/0x680 [ 1064.563376] ? kmem_cache_alloc_trace+0x151/0x320 [ 1064.563928] ? v9fs_show_options+0x690/0x690 [ 1064.564404] ? trace_hardirqs_on+0x5b/0x180 [ 1064.564911] ? kasan_unpoison_shadow+0x33/0x50 [ 1064.565397] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1064.566007] v9fs_mount+0x79/0x8f0 [ 1064.566394] ? v9fs_write_inode+0x60/0x60 [ 1064.566824] legacy_get_tree+0x105/0x220 [ 1064.567176] vfs_get_tree+0x8e/0x300 [ 1064.567499] path_mount+0x1429/0x2120 [ 1064.567882] ? strncpy_from_user+0x9e/0x470 [ 1064.568253] ? finish_automount+0xa90/0xa90 [ 1064.568680] ? getname_flags.part.0+0x1dd/0x4f0 [ 1064.569083] ? _copy_from_user+0xfb/0x1b0 [ 1064.569448] __x64_sys_mount+0x282/0x300 [ 1064.569873] ? copy_mnt_ns+0xa00/0xa00 [ 1064.570213] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1064.570736] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1064.571180] do_syscall_64+0x33/0x40 [ 1064.571505] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1064.571989] RIP: 0033:0x7ff91eae3b19 [ 1064.572318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 14:04:00 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 38) 14:04:00 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xa00, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:00 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2010, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:00 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1064.573983] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1064.574697] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 1064.575542] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1064.576196] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 1064.576862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1064.577474] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:04:15 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98f7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:15 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 35) 14:04:15 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x700, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:15 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xedc0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:15 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 39) 14:04:15 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3a7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:15 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xb00, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:15 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x10, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1078.896769] FAULT_INJECTION: forcing a failure. [ 1078.896769] name failslab, interval 1, probability 0, space 0, times 0 [ 1078.897814] CPU: 1 PID: 11715 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 1078.898449] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1078.899178] Call Trace: [ 1078.899437] dump_stack+0x107/0x167 [ 1078.899760] should_fail.cold+0x5/0xa [ 1078.900099] ? create_object.isra.0+0x3a/0xa20 [ 1078.900526] should_failslab+0x5/0x20 [ 1078.900874] kmem_cache_alloc+0x5b/0x310 [ 1078.901256] create_object.isra.0+0x3a/0xa20 [ 1078.901649] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1078.902085] __kmalloc+0x16e/0x390 [ 1078.902429] p9_fcall_init+0x97/0x290 [ 1078.902801] p9_client_prepare_req.part.0+0x8c/0xac0 [ 1078.903284] p9_client_rpc+0x220/0x1370 [ 1078.903653] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1078.904142] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1078.904655] ? pipe_poll+0x21b/0x7f0 [ 1078.904999] ? p9_fd_close+0x4a0/0x4a0 [ 1078.905381] ? anon_pipe_buf_release+0x280/0x280 [ 1078.905819] ? p9_fd_poll+0x1e0/0x2c0 [ 1078.906175] ? p9_fd_create+0x357/0x4a0 [ 1078.906568] ? p9_conn_create+0x510/0x510 [ 1078.906965] ? p9_client_create+0x798/0x11c0 [ 1078.907392] ? kfree+0xd7/0x340 [ 1078.907706] p9_client_create+0xa76/0x11c0 [ 1078.908101] ? p9_client_flush+0x430/0x430 [ 1078.908515] ? trace_hardirqs_on+0x5b/0x180 [ 1078.908930] ? lockdep_init_map_type+0x2c7/0x780 [ 1078.909386] ? __raw_spin_lock_init+0x36/0x110 [ 1078.909829] v9fs_session_init+0x1dd/0x1680 [ 1078.910227] ? lock_release+0x680/0x680 [ 1078.910629] ? kmem_cache_alloc_trace+0x151/0x320 [ 1078.911091] ? v9fs_show_options+0x690/0x690 [ 1078.911520] ? trace_hardirqs_on+0x5b/0x180 [ 1078.911936] ? kasan_unpoison_shadow+0x33/0x50 [ 1078.912378] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1078.912869] v9fs_mount+0x79/0x8f0 [ 1078.913202] ? v9fs_write_inode+0x60/0x60 [ 1078.913607] legacy_get_tree+0x105/0x220 [ 1078.913997] vfs_get_tree+0x8e/0x300 [ 1078.914359] path_mount+0x1429/0x2120 [ 1078.918758] ? strncpy_from_user+0x9e/0x470 [ 1078.919156] ? finish_automount+0xa90/0xa90 [ 1078.919570] ? getname_flags.part.0+0x1dd/0x4f0 [ 1078.920012] ? _copy_from_user+0xfb/0x1b0 [ 1078.920417] __x64_sys_mount+0x282/0x300 [ 1078.920803] ? copy_mnt_ns+0xa00/0xa00 [ 1078.921163] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1078.921693] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1078.922197] do_syscall_64+0x33/0x40 [ 1078.922578] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1078.923090] RIP: 0033:0x7ff91eae3b19 [ 1078.923438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1078.925162] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1078.925906] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 1078.926581] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1078.927277] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 1078.927964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1078.928670] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:04:15 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98f8, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:15 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2e, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1079.009729] FAULT_INJECTION: forcing a failure. [ 1079.009729] name failslab, interval 1, probability 0, space 0, times 0 [ 1079.010754] CPU: 0 PID: 11703 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1079.011337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1079.012037] Call Trace: [ 1079.012270] dump_stack+0x107/0x167 [ 1079.012583] should_fail.cold+0x5/0xa [ 1079.012912] ? create_object.isra.0+0x3a/0xa20 [ 1079.013301] should_failslab+0x5/0x20 [ 1079.013630] kmem_cache_alloc+0x5b/0x310 [ 1079.013977] ? p9_fd_show_options+0x1c0/0x1c0 [ 1079.014358] create_object.isra.0+0x3a/0xa20 [ 1079.014746] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1079.015180] kmem_cache_alloc_trace+0x151/0x320 [ 1079.015578] p9_fd_create+0x161/0x4a0 [ 1079.015902] ? p9_conn_create+0x510/0x510 [ 1079.016255] ? p9_client_create+0x798/0x11c0 [ 1079.016628] ? kfree+0xd7/0x340 [ 1079.016913] p9_client_create+0x7ff/0x11c0 [ 1079.017278] ? p9_client_flush+0x430/0x430 [ 1079.017640] ? trace_hardirqs_on+0x5b/0x180 [ 1079.018008] ? lockdep_init_map_type+0x2c7/0x780 [ 1079.018415] ? __raw_spin_lock_init+0x36/0x110 [ 1079.018831] v9fs_session_init+0x1dd/0x1680 [ 1079.019194] ? lock_release+0x680/0x680 [ 1079.019536] ? kmem_cache_alloc_trace+0x151/0x320 [ 1079.019939] ? v9fs_show_options+0x690/0x690 [ 1079.020312] ? trace_hardirqs_on+0x5b/0x180 [ 1079.020681] ? kasan_unpoison_shadow+0x33/0x50 [ 1079.021065] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1079.021497] v9fs_mount+0x79/0x8f0 [ 1079.021801] ? v9fs_write_inode+0x60/0x60 [ 1079.022152] legacy_get_tree+0x105/0x220 [ 1079.022495] vfs_get_tree+0x8e/0x300 [ 1079.022827] path_mount+0x1429/0x2120 [ 1079.023152] ? strncpy_from_user+0x9e/0x470 [ 1079.023518] ? finish_automount+0xa90/0xa90 [ 1079.023884] ? getname_flags.part.0+0x1dd/0x4f0 [ 1079.024276] ? _copy_from_user+0xfb/0x1b0 [ 1079.024632] __x64_sys_mount+0x282/0x300 [ 1079.024975] ? copy_mnt_ns+0xa00/0xa00 [ 1079.025306] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1079.025751] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1079.026186] do_syscall_64+0x33/0x40 [ 1079.026511] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1079.026962] RIP: 0033:0x7ff4194adb19 [ 1079.027278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1079.028823] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1079.029466] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1079.030064] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 14:04:15 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x80000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1079.030674] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1079.031279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1079.031895] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:04:15 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98f9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:15 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4a7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:15 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x700, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:15 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98fa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:15 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x13a, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1093.102946] FAULT_INJECTION: forcing a failure. [ 1093.102946] name failslab, interval 1, probability 0, space 0, times 0 [ 1093.103962] CPU: 0 PID: 12571 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1093.104546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1093.105246] Call Trace: [ 1093.105479] dump_stack+0x107/0x167 [ 1093.105789] should_fail.cold+0x5/0xa [ 1093.106116] ? p9_client_prepare_req.part.0+0x3a/0xac0 [ 1093.106564] should_failslab+0x5/0x20 [ 1093.106905] kmem_cache_alloc+0x5b/0x310 [ 1093.107310] p9_client_prepare_req.part.0+0x3a/0xac0 [ 1093.107749] p9_client_rpc+0x220/0x1370 [ 1093.108138] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1093.108663] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1093.109184] ? pipe_poll+0x21b/0x7f0 [ 1093.109554] ? p9_fd_close+0x4a0/0x4a0 [ 1093.109933] ? anon_pipe_buf_release+0x280/0x280 [ 1093.110382] ? p9_fd_poll+0x1e0/0x2c0 [ 1093.110711] ? p9_fd_create+0x357/0x4a0 [ 1093.111105] ? p9_conn_create+0x510/0x510 [ 1093.111464] ? p9_client_create+0x798/0x11c0 [ 1093.111846] ? kfree+0xd7/0x340 [ 1093.112172] p9_client_create+0xa76/0x11c0 [ 1093.112539] ? p9_client_flush+0x430/0x430 [ 1093.112923] ? trace_hardirqs_on+0x5b/0x180 [ 1093.113346] ? lockdep_init_map_type+0x2c7/0x780 [ 1093.113753] ? __raw_spin_lock_init+0x36/0x110 [ 1093.114206] v9fs_session_init+0x1dd/0x1680 [ 1093.114625] ? lock_release+0x680/0x680 [ 1093.122374] FAULT_INJECTION: forcing a failure. [ 1093.122374] name failslab, interval 1, probability 0, space 0, times 0 [ 1093.127033] ? kmem_cache_alloc_trace+0x151/0x320 [ 1093.127046] ? v9fs_show_options+0x690/0x690 [ 1093.127064] ? trace_hardirqs_on+0x5b/0x180 [ 1093.129754] ? kasan_unpoison_shadow+0x33/0x50 [ 1093.130236] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1093.130799] v9fs_mount+0x79/0x8f0 [ 1093.131143] ? v9fs_write_inode+0x60/0x60 [ 1093.131508] legacy_get_tree+0x105/0x220 [ 1093.131865] vfs_get_tree+0x8e/0x300 [ 1093.132186] path_mount+0x1429/0x2120 [ 1093.132516] ? strncpy_from_user+0x9e/0x470 [ 1093.132895] ? finish_automount+0xa90/0xa90 [ 1093.133265] ? getname_flags.part.0+0x1dd/0x4f0 [ 1093.133683] ? _copy_from_user+0xfb/0x1b0 [ 1093.134060] __x64_sys_mount+0x282/0x300 [ 1093.134405] ? copy_mnt_ns+0xa00/0xa00 [ 1093.134763] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1093.135276] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1093.135726] do_syscall_64+0x33/0x40 [ 1093.136063] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1093.136506] RIP: 0033:0x7ff4194adb19 [ 1093.136837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1093.138387] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1093.139071] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1093.139696] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1093.140314] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1093.140935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1093.141534] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 1093.142171] CPU: 1 PID: 12568 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 1093.142809] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1093.143551] Call Trace: [ 1093.143797] dump_stack+0x107/0x167 [ 1093.144134] should_fail.cold+0x5/0xa [ 1093.144480] ? p9_fcall_init+0x97/0x290 [ 1093.144839] should_failslab+0x5/0x20 [ 1093.145176] __kmalloc+0x72/0x390 [ 1093.145491] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1093.145955] p9_fcall_init+0x97/0x290 [ 1093.146309] p9_client_prepare_req.part.0+0xf4/0xac0 [ 1093.146786] p9_client_rpc+0x220/0x1370 [ 1093.151220] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1093.151707] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1093.152212] ? pipe_poll+0x21b/0x7f0 [ 1093.152557] ? p9_fd_close+0x4a0/0x4a0 [ 1093.152934] ? anon_pipe_buf_release+0x280/0x280 [ 1093.153370] ? p9_fd_poll+0x1e0/0x2c0 [ 1093.153729] ? p9_fd_create+0x357/0x4a0 [ 1093.154119] ? p9_conn_create+0x510/0x510 [ 1093.154499] ? p9_client_create+0x798/0x11c0 [ 1093.154925] ? kfree+0xd7/0x340 [ 1093.155252] p9_client_create+0xa76/0x11c0 [ 1093.155647] ? p9_client_flush+0x430/0x430 [ 1093.156055] ? trace_hardirqs_on+0x5b/0x180 [ 1093.156455] ? lockdep_init_map_type+0x2c7/0x780 [ 1093.156912] ? __raw_spin_lock_init+0x36/0x110 [ 1093.157335] v9fs_session_init+0x1dd/0x1680 [ 1093.157730] ? lock_release+0x680/0x680 [ 1093.158120] ? kmem_cache_alloc_trace+0x151/0x320 [ 1093.158562] ? v9fs_show_options+0x690/0x690 [ 1093.158992] ? trace_hardirqs_on+0x5b/0x180 [ 1093.159392] ? kasan_unpoison_shadow+0x33/0x50 [ 1093.159812] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1093.160279] v9fs_mount+0x79/0x8f0 [ 1093.160611] ? v9fs_write_inode+0x60/0x60 [ 1093.160991] legacy_get_tree+0x105/0x220 [ 1093.161364] vfs_get_tree+0x8e/0x300 [ 1093.161701] path_mount+0x1429/0x2120 [ 1093.162051] ? strncpy_from_user+0x9e/0x470 [ 1093.162443] ? finish_automount+0xa90/0xa90 [ 1093.162871] ? getname_flags.part.0+0x1dd/0x4f0 [ 1093.163293] ? _copy_from_user+0xfb/0x1b0 [ 1093.163667] __x64_sys_mount+0x282/0x300 [ 1093.164053] ? copy_mnt_ns+0xa00/0xa00 [ 1093.164411] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1093.164902] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1093.165378] do_syscall_64+0x33/0x40 [ 1093.165721] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1093.166194] RIP: 0033:0x7ff91eae3b19 14:04:29 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x700, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:29 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 36) 14:04:29 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x98fb, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:29 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x500, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:29 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 40) 14:04:29 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x1020, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:29 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x300, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:29 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x1000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1093.166533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1093.175032] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1093.175730] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 1093.176391] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1093.177064] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 1093.177718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1093.178385] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:04:29 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x992b, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:29 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x992c, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:29 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x500, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:29 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x5a7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:29 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 37) 14:04:29 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 1) 14:04:29 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:29 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x992d, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:29 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1093.415655] FAULT_INJECTION: forcing a failure. [ 1093.415655] name failslab, interval 1, probability 0, space 0, times 0 [ 1093.416781] CPU: 1 PID: 13105 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1093.417407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1093.418146] Call Trace: [ 1093.418395] dump_stack+0x107/0x167 [ 1093.418729] should_fail.cold+0x5/0xa [ 1093.419106] should_failslab+0x5/0x20 [ 1093.419461] __kmalloc_track_caller+0x79/0x370 [ 1093.419879] ? strndup_user+0x74/0xe0 [ 1093.420244] memdup_user+0x22/0xd0 [ 1093.420576] strndup_user+0x74/0xe0 [ 1093.420919] __x64_sys_mount+0x133/0x300 [ 1093.421300] ? copy_mnt_ns+0xa00/0xa00 [ 1093.421667] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1093.422147] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1093.422620] do_syscall_64+0x33/0x40 [ 1093.422974] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1093.422985] FAULT_INJECTION: forcing a failure. [ 1093.422985] name failslab, interval 1, probability 0, space 0, times 0 [ 1093.424325] RIP: 0033:0x7f78e3094b19 [ 1093.424644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1093.426174] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1093.426827] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1093.427433] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1093.428034] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1093.428631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1093.429229] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1093.429845] CPU: 0 PID: 13121 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1093.430485] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1093.431250] Call Trace: [ 1093.431500] dump_stack+0x107/0x167 [ 1093.431840] should_fail.cold+0x5/0xa [ 1093.432195] ? create_object.isra.0+0x3a/0xa20 [ 1093.432614] should_failslab+0x5/0x20 [ 1093.432965] kmem_cache_alloc+0x5b/0x310 [ 1093.433340] create_object.isra.0+0x3a/0xa20 [ 1093.433750] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1093.434214] kmem_cache_alloc+0x159/0x310 [ 1093.434605] p9_client_prepare_req.part.0+0x3a/0xac0 [ 1093.435089] p9_client_rpc+0x220/0x1370 [ 1093.435458] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1093.435937] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1093.436422] ? pipe_poll+0x21b/0x7f0 [ 1093.436767] ? p9_fd_close+0x4a0/0x4a0 [ 1093.437119] ? anon_pipe_buf_release+0x280/0x280 [ 1093.437551] ? p9_fd_poll+0x1e0/0x2c0 [ 1093.437908] ? p9_fd_create+0x357/0x4a0 [ 1093.438272] ? p9_conn_create+0x510/0x510 [ 1093.438653] ? p9_client_create+0x798/0x11c0 [ 1093.439070] ? kfree+0xd7/0x340 [ 1093.439383] p9_client_create+0xa76/0x11c0 [ 1093.439781] ? p9_client_flush+0x430/0x430 [ 1093.440169] ? trace_hardirqs_on+0x5b/0x180 [ 1093.440571] ? lockdep_init_map_type+0x2c7/0x780 [ 1093.441004] ? __raw_spin_lock_init+0x36/0x110 [ 1093.441426] v9fs_session_init+0x1dd/0x1680 [ 1093.441817] ? lock_release+0x680/0x680 [ 1093.442183] ? kmem_cache_alloc_trace+0x151/0x320 [ 1093.442619] ? v9fs_show_options+0x690/0x690 [ 1093.443042] ? trace_hardirqs_on+0x5b/0x180 [ 1093.443442] ? kasan_unpoison_shadow+0x33/0x50 [ 1093.443860] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1093.444328] v9fs_mount+0x79/0x8f0 [ 1093.444660] ? v9fs_write_inode+0x60/0x60 [ 1093.445043] legacy_get_tree+0x105/0x220 [ 1093.445416] vfs_get_tree+0x8e/0x300 [ 1093.445761] path_mount+0x1429/0x2120 [ 1093.446116] ? strncpy_from_user+0x9e/0x470 [ 1093.446511] ? finish_automount+0xa90/0xa90 [ 1093.446921] ? getname_flags.part.0+0x1dd/0x4f0 [ 1093.447339] ? _copy_from_user+0xfb/0x1b0 [ 1093.447720] __x64_sys_mount+0x282/0x300 [ 1093.448084] ? copy_mnt_ns+0xa00/0xa00 [ 1093.448446] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1093.448917] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1093.449385] do_syscall_64+0x33/0x40 [ 1093.449728] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1093.450197] RIP: 0033:0x7ff4194adb19 [ 1093.450542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1093.452200] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1093.452898] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1093.453538] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1093.454179] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1093.454837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1093.455483] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:04:43 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x7000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:43 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 38) 14:04:43 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 2) 14:04:43 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 41) 14:04:43 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x992e, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:43 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x600, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:43 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2010, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:43 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x600, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1107.566714] FAULT_INJECTION: forcing a failure. [ 1107.566714] name failslab, interval 1, probability 0, space 0, times 0 [ 1107.567779] CPU: 0 PID: 13436 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1107.568356] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1107.569047] Call Trace: [ 1107.569277] dump_stack+0x107/0x167 [ 1107.569590] should_fail.cold+0x5/0xa [ 1107.569924] FAULT_INJECTION: forcing a failure. [ 1107.569924] name failslab, interval 1, probability 0, space 0, times 0 [ 1107.569939] ? create_object.isra.0+0x3a/0xa20 [ 1107.570868] should_failslab+0x5/0x20 [ 1107.570886] kmem_cache_alloc+0x5b/0x310 [ 1107.571987] create_object.isra.0+0x3a/0xa20 [ 1107.572364] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1107.572799] __kmalloc_track_caller+0x177/0x370 [ 1107.573195] ? strndup_user+0x74/0xe0 [ 1107.573525] memdup_user+0x22/0xd0 [ 1107.573828] strndup_user+0x74/0xe0 [ 1107.574141] __x64_sys_mount+0x133/0x300 [ 1107.574494] ? copy_mnt_ns+0xa00/0xa00 [ 1107.574832] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1107.575294] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1107.575728] do_syscall_64+0x33/0x40 [ 1107.576041] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1107.576471] RIP: 0033:0x7f78e3094b19 [ 1107.576786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1107.578315] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1107.578961] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1107.579563] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1107.580159] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1107.580759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1107.581354] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1107.581975] CPU: 1 PID: 13451 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 1107.582571] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1107.583302] Call Trace: [ 1107.583538] dump_stack+0x107/0x167 [ 1107.583846] should_fail.cold+0x5/0xa [ 1107.584171] ? create_object.isra.0+0x3a/0xa20 [ 1107.584560] should_failslab+0x5/0x20 [ 1107.584880] kmem_cache_alloc+0x5b/0x310 [ 1107.585224] create_object.isra.0+0x3a/0xa20 [ 1107.585596] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1107.586025] __kmalloc+0x16e/0x390 [ 1107.586330] p9_fcall_init+0x97/0x290 [ 1107.586660] p9_client_prepare_req.part.0+0xf4/0xac0 [ 1107.587147] p9_client_rpc+0x220/0x1370 [ 1107.587493] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1107.587936] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1107.588389] ? pipe_poll+0x21b/0x7f0 [ 1107.588707] ? p9_fd_close+0x4a0/0x4a0 [ 1107.589033] ? anon_pipe_buf_release+0x280/0x280 [ 1107.589437] ? p9_fd_poll+0x1e0/0x2c0 [ 1107.589764] ? p9_fd_create+0x357/0x4a0 [ 1107.590098] ? p9_conn_create+0x510/0x510 [ 1107.590449] ? p9_client_create+0x798/0x11c0 [ 1107.590823] ? kfree+0xd7/0x340 [ 1107.591439] p9_client_create+0xa76/0x11c0 [ 1107.591808] ? p9_client_flush+0x430/0x430 [ 1107.592169] ? trace_hardirqs_on+0x5b/0x180 [ 1107.592539] ? lockdep_init_map_type+0x2c7/0x780 [ 1107.592943] ? __raw_spin_lock_init+0x36/0x110 [ 1107.593334] v9fs_session_init+0x1dd/0x1680 [ 1107.593700] ? lock_release+0x680/0x680 [ 1107.594044] ? kmem_cache_alloc_trace+0x151/0x320 [ 1107.594454] ? v9fs_show_options+0x690/0x690 [ 1107.594830] ? trace_hardirqs_on+0x5b/0x180 [ 1107.595284] ? kasan_unpoison_shadow+0x33/0x50 [ 1107.595702] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1107.596169] v9fs_mount+0x79/0x8f0 [ 1107.596504] ? v9fs_write_inode+0x60/0x60 [ 1107.596856] legacy_get_tree+0x105/0x220 [ 1107.597202] vfs_get_tree+0x8e/0x300 [ 1107.597525] path_mount+0x1429/0x2120 [ 1107.597859] ? strncpy_from_user+0x9e/0x470 [ 1107.598092] FAULT_INJECTION: forcing a failure. [ 1107.598092] name failslab, interval 1, probability 0, space 0, times 0 [ 1107.598227] ? finish_automount+0xa90/0xa90 [ 1107.599842] ? getname_flags.part.0+0x1dd/0x4f0 [ 1107.600351] ? _copy_from_user+0xfb/0x1b0 [ 1107.600804] __x64_sys_mount+0x282/0x300 [ 1107.601249] ? copy_mnt_ns+0xa00/0xa00 [ 1107.601679] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1107.602253] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1107.602820] do_syscall_64+0x33/0x40 [ 1107.603488] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1107.604347] RIP: 0033:0x7ff91eae3b19 [ 1107.604969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1107.607584] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1107.608218] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 1107.608809] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1107.609400] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 1107.609989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1107.610582] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 1107.611226] CPU: 0 PID: 13458 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1107.611832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1107.612527] Call Trace: [ 1107.612754] dump_stack+0x107/0x167 [ 1107.613062] should_fail.cold+0x5/0xa [ 1107.613387] ? p9_fcall_init+0x97/0x290 [ 1107.613727] should_failslab+0x5/0x20 [ 1107.614047] __kmalloc+0x72/0x390 [ 1107.614344] p9_fcall_init+0x97/0x290 [ 1107.614675] p9_client_prepare_req.part.0+0x8c/0xac0 [ 1107.615129] p9_client_rpc+0x220/0x1370 [ 1107.615474] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1107.615924] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1107.616377] ? pipe_poll+0x21b/0x7f0 [ 1107.616696] ? p9_fd_close+0x4a0/0x4a0 [ 1107.617026] ? anon_pipe_buf_release+0x280/0x280 [ 1107.617429] ? p9_fd_poll+0x1e0/0x2c0 [ 1107.617757] ? p9_fd_create+0x357/0x4a0 [ 1107.618094] ? p9_conn_create+0x510/0x510 [ 1107.618446] ? p9_client_create+0x798/0x11c0 [ 1107.618821] ? kfree+0xd7/0x340 [ 1107.619124] p9_client_create+0xa76/0x11c0 [ 1107.619494] ? p9_client_flush+0x430/0x430 [ 1107.619856] ? trace_hardirqs_on+0x5b/0x180 [ 1107.620226] ? lockdep_init_map_type+0x2c7/0x780 [ 1107.620638] ? __raw_spin_lock_init+0x36/0x110 [ 1107.621034] v9fs_session_init+0x1dd/0x1680 [ 1107.621405] ? lock_release+0x680/0x680 [ 1107.621757] ? kmem_cache_alloc_trace+0x151/0x320 [ 1107.622171] ? v9fs_show_options+0x690/0x690 [ 1107.622552] ? trace_hardirqs_on+0x5b/0x180 [ 1107.622926] ? kasan_unpoison_shadow+0x33/0x50 [ 1107.623340] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1107.623775] v9fs_mount+0x79/0x8f0 [ 1107.624082] ? v9fs_write_inode+0x60/0x60 [ 1107.624437] legacy_get_tree+0x105/0x220 [ 1107.624788] vfs_get_tree+0x8e/0x300 [ 1107.625107] path_mount+0x1429/0x2120 [ 1107.625438] ? strncpy_from_user+0x9e/0x470 [ 1107.625802] ? finish_automount+0xa90/0xa90 [ 1107.626167] ? getname_flags.part.0+0x1dd/0x4f0 [ 1107.626564] ? _copy_from_user+0xfb/0x1b0 [ 1107.626918] __x64_sys_mount+0x282/0x300 [ 1107.627284] ? copy_mnt_ns+0xa00/0xa00 [ 1107.627621] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1107.628064] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1107.628505] do_syscall_64+0x33/0x40 [ 1107.628821] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1107.629254] RIP: 0033:0x7ff4194adb19 [ 1107.629572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1107.631133] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1107.631777] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1107.632377] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1107.632982] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1107.633583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1107.634185] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:04:43 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x992f, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:43 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x700, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:43 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9930, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:43 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x6a7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:43 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xedc0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:58 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x900, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:58 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 42) [ 1121.935913] FAULT_INJECTION: forcing a failure. [ 1121.935913] name failslab, interval 1, probability 0, space 0, times 0 [ 1121.938564] CPU: 1 PID: 14190 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1121.939286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1121.941142] Call Trace: [ 1121.941416] dump_stack+0x107/0x167 [ 1121.941796] should_fail.cold+0x5/0xa [ 1121.942173] ? create_object.isra.0+0x3a/0xa20 [ 1121.942635] should_failslab+0x5/0x20 [ 1121.943025] kmem_cache_alloc+0x5b/0x310 [ 1121.943451] create_object.isra.0+0x3a/0xa20 [ 1121.943911] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1121.944449] __kmalloc+0x16e/0x390 [ 1121.944826] p9_fcall_init+0x97/0x290 [ 1121.945224] p9_client_prepare_req.part.0+0x8c/0xac0 [ 1121.945733] p9_client_rpc+0x220/0x1370 [ 1121.946158] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1121.946691] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1121.947254] ? pipe_poll+0x21b/0x7f0 [ 1121.948065] ? p9_fd_close+0x4a0/0x4a0 [ 1121.948928] ? anon_pipe_buf_release+0x280/0x280 [ 1121.949962] ? p9_fd_poll+0x1e0/0x2c0 [ 1121.950627] ? p9_fd_create+0x357/0x4a0 [ 1121.951343] ? p9_conn_create+0x510/0x510 [ 1121.952054] ? p9_client_create+0x798/0x11c0 [ 1121.952820] ? kfree+0xd7/0x340 [ 1121.953398] p9_client_create+0xa76/0x11c0 [ 1121.954123] ? p9_client_flush+0x430/0x430 [ 1121.954856] ? trace_hardirqs_on+0x5b/0x180 14:04:58 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x8000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:58 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x80000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:58 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9931, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:58 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x700, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:58 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 39) 14:04:58 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 3) [ 1121.955749] ? lockdep_init_map_type+0x2c7/0x780 [ 1121.957121] ? __raw_spin_lock_init+0x36/0x110 [ 1121.957621] v9fs_session_init+0x1dd/0x1680 [ 1121.958091] ? lock_release+0x680/0x680 [ 1121.958513] ? kmem_cache_alloc_trace+0x151/0x320 [ 1121.959581] ? v9fs_show_options+0x690/0x690 [ 1121.960551] ? trace_hardirqs_on+0x5b/0x180 [ 1121.962067] ? kasan_unpoison_shadow+0x33/0x50 [ 1121.962529] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1121.963059] v9fs_mount+0x79/0x8f0 [ 1121.963428] ? v9fs_write_inode+0x60/0x60 [ 1121.963838] legacy_get_tree+0x105/0x220 [ 1121.964257] vfs_get_tree+0x8e/0x300 [ 1121.964642] path_mount+0x1429/0x2120 [ 1121.965042] ? strncpy_from_user+0x9e/0x470 [ 1121.965484] ? finish_automount+0xa90/0xa90 [ 1121.965920] ? getname_flags.part.0+0x1dd/0x4f0 [ 1121.966410] ? _copy_from_user+0xfb/0x1b0 [ 1121.966841] __x64_sys_mount+0x282/0x300 [ 1121.967273] ? copy_mnt_ns+0xa00/0xa00 [ 1121.967666] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1121.969852] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1121.971000] do_syscall_64+0x33/0x40 [ 1121.971831] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1121.972977] RIP: 0033:0x7ff4194adb19 [ 1121.973785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1121.978983] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1121.980677] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1121.982250] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1121.983804] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1121.985405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1121.988026] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 1122.000207] FAULT_INJECTION: forcing a failure. [ 1122.000207] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1122.002905] CPU: 1 PID: 14335 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1122.004433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1122.006265] Call Trace: [ 1122.006830] dump_stack+0x107/0x167 [ 1122.007652] should_fail.cold+0x5/0xa [ 1122.008489] _copy_from_user+0x2e/0x1b0 [ 1122.009371] memdup_user+0x65/0xd0 [ 1122.010138] strndup_user+0x74/0xe0 [ 1122.010941] __x64_sys_mount+0x133/0x300 [ 1122.011834] ? copy_mnt_ns+0xa00/0xa00 [ 1122.012703] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1122.013850] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1122.014988] do_syscall_64+0x33/0x40 [ 1122.015707] FAULT_INJECTION: forcing a failure. [ 1122.015707] name failslab, interval 1, probability 0, space 0, times 0 [ 1122.018205] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1122.018215] RIP: 0033:0x7f78e3094b19 [ 1122.018227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1122.018241] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1122.018255] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1122.018262] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1122.028501] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1122.030056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1122.031604] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1122.033178] CPU: 0 PID: 14362 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 1122.033879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1122.034693] Call Trace: [ 1122.034985] dump_stack+0x107/0x167 [ 1122.035378] should_fail.cold+0x5/0xa [ 1122.035771] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1122.036366] should_failslab+0x5/0x20 [ 1122.036800] kmem_cache_alloc+0x5b/0x310 [ 1122.037727] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1122.038314] idr_get_free+0x4b5/0x8f0 [ 1122.039159] idr_alloc_u32+0x170/0x2d0 [ 1122.040026] ? __fprop_inc_percpu_max+0x130/0x130 [ 1122.041073] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1122.042252] ? lock_release+0x680/0x680 [ 1122.043114] idr_alloc+0xc2/0x130 [ 1122.043888] ? idr_alloc_u32+0x2d0/0x2d0 [ 1122.044771] ? rwlock_bug.part.0+0x90/0x90 [ 1122.045717] p9_client_prepare_req.part.0+0x612/0xac0 [ 1122.046837] p9_client_rpc+0x220/0x1370 [ 1122.047731] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1122.048867] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1122.050037] ? pipe_poll+0x21b/0x7f0 [ 1122.050835] ? p9_fd_close+0x4a0/0x4a0 [ 1122.051703] ? anon_pipe_buf_release+0x280/0x280 [ 1122.052726] ? p9_fd_poll+0x1e0/0x2c0 [ 1122.053564] ? p9_fd_create+0x357/0x4a0 [ 1122.054419] ? p9_conn_create+0x510/0x510 [ 1122.055337] ? p9_client_create+0x798/0x11c0 [ 1122.056288] ? kfree+0xd7/0x340 [ 1122.057019] p9_client_create+0xa76/0x11c0 [ 1122.057933] ? p9_client_flush+0x430/0x430 [ 1122.058855] ? trace_hardirqs_on+0x5b/0x180 [ 1122.059797] ? lockdep_init_map_type+0x2c7/0x780 [ 1122.060836] ? __raw_spin_lock_init+0x36/0x110 [ 1122.061819] v9fs_session_init+0x1dd/0x1680 [ 1122.062760] ? lock_release+0x680/0x680 [ 1122.063625] ? kmem_cache_alloc_trace+0x151/0x320 [ 1122.064675] ? v9fs_show_options+0x690/0x690 [ 1122.065624] ? trace_hardirqs_on+0x5b/0x180 [ 1122.066565] ? kasan_unpoison_shadow+0x33/0x50 [ 1122.067561] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1122.068691] v9fs_mount+0x79/0x8f0 [ 1122.069454] ? v9fs_write_inode+0x60/0x60 [ 1122.070363] legacy_get_tree+0x105/0x220 [ 1122.071248] vfs_get_tree+0x8e/0x300 [ 1122.072066] path_mount+0x1429/0x2120 [ 1122.072888] ? strncpy_from_user+0x9e/0x470 [ 1122.073827] ? finish_automount+0xa90/0xa90 [ 1122.074751] ? getname_flags.part.0+0x1dd/0x4f0 [ 1122.079405] ? _copy_from_user+0xfb/0x1b0 [ 1122.079763] __x64_sys_mount+0x282/0x300 [ 1122.080104] ? copy_mnt_ns+0xa00/0xa00 [ 1122.080433] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1122.080875] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1122.081306] do_syscall_64+0x33/0x40 [ 1122.081620] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1122.082051] RIP: 0033:0x7ff91eae3b19 [ 1122.082366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1122.083910] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1122.084541] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 1122.085134] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1122.085722] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 1122.086314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1122.086901] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 1122.136704] FAULT_INJECTION: forcing a failure. [ 1122.136704] name failslab, interval 1, probability 0, space 0, times 0 [ 1122.137760] CPU: 1 PID: 14590 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1122.138351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1122.139054] Call Trace: [ 1122.139329] dump_stack+0x107/0x167 [ 1122.139647] should_fail.cold+0x5/0xa [ 1122.139982] ? copy_mount_options+0x55/0x180 [ 1122.140374] should_failslab+0x5/0x20 [ 1122.140702] kmem_cache_alloc_trace+0x55/0x320 [ 1122.141095] ? _copy_from_user+0xfb/0x1b0 [ 1122.141465] copy_mount_options+0x55/0x180 [ 1122.141825] __x64_sys_mount+0x1a8/0x300 [ 1122.142175] ? copy_mnt_ns+0xa00/0xa00 [ 1122.142526] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1122.142969] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1122.143443] do_syscall_64+0x33/0x40 [ 1122.143775] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1122.144216] RIP: 0033:0x7f78e3094b19 [ 1122.144547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1122.146113] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1122.146775] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1122.147391] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1122.148004] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1122.148613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1122.149219] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:04:58 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9932, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:58 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 4) 14:04:58 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x1000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:58 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x7a7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:58 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:58 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x9000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:58 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9933, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:04:58 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 40) [ 1122.263037] FAULT_INJECTION: forcing a failure. [ 1122.263037] name failslab, interval 1, probability 0, space 0, times 0 [ 1122.264087] CPU: 1 PID: 14728 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1122.264695] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1122.265406] Call Trace: [ 1122.265642] dump_stack+0x107/0x167 [ 1122.265956] should_fail.cold+0x5/0xa [ 1122.266295] ? p9_fcall_init+0x97/0x290 [ 1122.266645] should_failslab+0x5/0x20 [ 1122.266979] __kmalloc+0x72/0x390 [ 1122.267361] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1122.267809] p9_fcall_init+0x97/0x290 [ 1122.268144] p9_client_prepare_req.part.0+0xf4/0xac0 [ 1122.268592] p9_client_rpc+0x220/0x1370 [ 1122.268939] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1122.269400] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1122.269875] ? pipe_poll+0x21b/0x7f0 [ 1122.270197] ? p9_fd_close+0x4a0/0x4a0 [ 1122.270543] ? anon_pipe_buf_release+0x280/0x280 [ 1122.270953] ? p9_fd_poll+0x1e0/0x2c0 [ 1122.271306] ? p9_fd_create+0x357/0x4a0 [ 1122.271668] ? p9_conn_create+0x510/0x510 [ 1122.272024] ? p9_client_create+0x798/0x11c0 [ 1122.272398] ? kfree+0xd7/0x340 [ 1122.272701] p9_client_create+0xa76/0x11c0 [ 1122.273073] ? p9_client_flush+0x430/0x430 [ 1122.273442] ? trace_hardirqs_on+0x5b/0x180 [ 1122.273820] ? lockdep_init_map_type+0x2c7/0x780 [ 1122.274236] ? __raw_spin_lock_init+0x36/0x110 [ 1122.274634] v9fs_session_init+0x1dd/0x1680 [ 1122.275012] ? lock_release+0x680/0x680 [ 1122.275377] ? kmem_cache_alloc_trace+0x151/0x320 [ 1122.275798] ? v9fs_show_options+0x690/0x690 [ 1122.276179] ? trace_hardirqs_on+0x5b/0x180 [ 1122.276558] ? kasan_unpoison_shadow+0x33/0x50 [ 1122.276962] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1122.277400] v9fs_mount+0x79/0x8f0 [ 1122.277710] ? v9fs_write_inode+0x60/0x60 [ 1122.278083] legacy_get_tree+0x105/0x220 [ 1122.278435] vfs_get_tree+0x8e/0x300 [ 1122.278755] path_mount+0x1429/0x2120 [ 1122.279097] ? strncpy_from_user+0x9e/0x470 [ 1122.279488] ? finish_automount+0xa90/0xa90 [ 1122.279856] ? getname_flags.part.0+0x1dd/0x4f0 [ 1122.280262] ? _copy_from_user+0xfb/0x1b0 [ 1122.280624] __x64_sys_mount+0x282/0x300 [ 1122.280969] ? copy_mnt_ns+0xa00/0xa00 [ 1122.281312] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1122.281765] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1122.282211] do_syscall_64+0x33/0x40 [ 1122.282531] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1122.282969] RIP: 0033:0x7ff4194adb19 [ 1122.283313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1122.284898] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1122.285561] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1122.286168] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1122.286778] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1122.287419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1122.288023] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:04:58 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 5) [ 1122.326760] FAULT_INJECTION: forcing a failure. [ 1122.326760] name failslab, interval 1, probability 0, space 0, times 0 [ 1122.327906] CPU: 1 PID: 14849 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1122.328497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1122.329199] Call Trace: [ 1122.329434] dump_stack+0x107/0x167 [ 1122.329760] should_fail.cold+0x5/0xa [ 1122.330092] ? create_object.isra.0+0x3a/0xa20 [ 1122.330491] should_failslab+0x5/0x20 [ 1122.330832] kmem_cache_alloc+0x5b/0x310 [ 1122.331196] create_object.isra.0+0x3a/0xa20 [ 1122.331580] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1122.332025] kmem_cache_alloc_trace+0x151/0x320 [ 1122.332433] copy_mount_options+0x55/0x180 [ 1122.332803] __x64_sys_mount+0x1a8/0x300 [ 1122.333151] ? copy_mnt_ns+0xa00/0xa00 [ 1122.333495] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1122.333958] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1122.334412] do_syscall_64+0x33/0x40 [ 1122.334738] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1122.335193] RIP: 0033:0x7f78e3094b19 [ 1122.335523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1122.337098] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1122.337753] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1122.338370] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1122.338982] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1122.339616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1122.340233] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:05:12 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:12 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 6) 14:05:12 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:12 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 43) 14:05:12 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8a7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:12 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9934, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:12 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 41) 14:05:12 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xa000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1136.077715] FAULT_INJECTION: forcing a failure. [ 1136.077715] name failslab, interval 1, probability 0, space 0, times 0 [ 1136.079048] CPU: 1 PID: 15066 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1136.079260] FAULT_INJECTION: forcing a failure. [ 1136.079260] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1136.079747] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1136.079752] Call Trace: [ 1136.079775] dump_stack+0x107/0x167 [ 1136.079791] should_fail.cold+0x5/0xa [ 1136.083675] ? create_object.isra.0+0x3a/0xa20 [ 1136.084131] should_failslab+0x5/0x20 [ 1136.084505] kmem_cache_alloc+0x5b/0x310 [ 1136.084909] create_object.isra.0+0x3a/0xa20 [ 1136.085339] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1136.085848] __kmalloc+0x16e/0x390 [ 1136.086203] p9_fcall_init+0x97/0x290 [ 1136.086591] p9_client_prepare_req.part.0+0xf4/0xac0 [ 1136.087098] p9_client_rpc+0x220/0x1370 [ 1136.087503] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1136.087955] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1136.088474] ? pipe_poll+0x21b/0x7f0 [ 1136.088790] ? p9_fd_close+0x4a0/0x4a0 [ 1136.089154] ? anon_pipe_buf_release+0x280/0x280 [ 1136.089630] ? p9_fd_poll+0x1e0/0x2c0 [ 1136.089985] ? p9_fd_create+0x357/0x4a0 [ 1136.090360] ? p9_conn_create+0x510/0x510 [ 1136.091035] ? p9_client_create+0x798/0x11c0 [ 1136.091472] ? kfree+0xd7/0x340 [ 1136.091903] p9_client_create+0xa76/0x11c0 [ 1136.092806] ? p9_client_flush+0x430/0x430 [ 1136.093336] ? trace_hardirqs_on+0x5b/0x180 [ 1136.094286] ? lockdep_init_map_type+0x2c7/0x780 [ 1136.094757] ? __raw_spin_lock_init+0x36/0x110 [ 1136.095723] v9fs_session_init+0x1dd/0x1680 [ 1136.096162] ? lock_release+0x680/0x680 [ 1136.096546] ? kmem_cache_alloc_trace+0x151/0x320 [ 1136.097007] ? v9fs_show_options+0x690/0x690 [ 1136.097744] ? trace_hardirqs_on+0x5b/0x180 [ 1136.098159] ? kasan_unpoison_shadow+0x33/0x50 [ 1136.098583] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1136.099509] v9fs_mount+0x79/0x8f0 [ 1136.099848] ? v9fs_write_inode+0x60/0x60 [ 1136.100265] legacy_get_tree+0x105/0x220 [ 1136.100649] vfs_get_tree+0x8e/0x300 [ 1136.101009] path_mount+0x1429/0x2120 [ 1136.101397] ? strncpy_from_user+0x9e/0x470 [ 1136.102149] ? finish_automount+0xa90/0xa90 [ 1136.102561] ? getname_flags.part.0+0x1dd/0x4f0 [ 1136.107441] ? _copy_from_user+0xfb/0x1b0 [ 1136.107831] __x64_sys_mount+0x282/0x300 [ 1136.108220] ? copy_mnt_ns+0xa00/0xa00 [ 1136.108612] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1136.109131] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1136.109643] do_syscall_64+0x33/0x40 [ 1136.110008] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1136.110506] RIP: 0033:0x7ff4194adb19 [ 1136.110869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1136.112678] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1136.113418] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1136.114113] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1136.114797] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1136.115498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1136.116178] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 1136.116874] CPU: 0 PID: 15060 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1136.117599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1136.118429] Call Trace: [ 1136.118705] dump_stack+0x107/0x167 [ 1136.123365] should_fail.cold+0x5/0xa [ 1136.123785] _copy_from_user+0x2e/0x1b0 [ 1136.124225] copy_mount_options+0x76/0x180 [ 1136.124710] __x64_sys_mount+0x1a8/0x300 [ 1136.125633] ? copy_mnt_ns+0xa00/0xa00 [ 1136.126057] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1136.126658] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1136.127251] do_syscall_64+0x33/0x40 [ 1136.127683] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1136.128251] RIP: 0033:0x7f78e3094b19 [ 1136.128668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1136.130630] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1136.131429] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1136.133318] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1136.134088] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1136.135320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1136.136091] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1136.156303] FAULT_INJECTION: forcing a failure. [ 1136.156303] name failslab, interval 1, probability 0, space 0, times 0 [ 1136.157399] CPU: 1 PID: 15142 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 1136.158088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1136.158910] Call Trace: [ 1136.159181] dump_stack+0x107/0x167 [ 1136.159574] should_fail.cold+0x5/0xa [ 1136.159966] ? create_object.isra.0+0x3a/0xa20 [ 1136.160451] should_failslab+0x5/0x20 [ 1136.160850] kmem_cache_alloc+0x5b/0x310 [ 1136.161259] create_object.isra.0+0x3a/0xa20 [ 1136.161701] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1136.162219] kmem_cache_alloc+0x159/0x310 [ 1136.162654] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1136.163214] idr_get_free+0x4b5/0x8f0 [ 1136.163636] idr_alloc_u32+0x170/0x2d0 [ 1136.164028] ? __fprop_inc_percpu_max+0x130/0x130 [ 1136.164552] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1136.165106] ? lock_release+0x680/0x680 [ 1136.165522] idr_alloc+0xc2/0x130 [ 1136.165875] ? idr_alloc_u32+0x2d0/0x2d0 [ 1136.166325] ? rwlock_bug.part.0+0x90/0x90 [ 1136.166766] p9_client_prepare_req.part.0+0x612/0xac0 [ 1136.167334] p9_client_rpc+0x220/0x1370 [ 1136.167771] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1136.168359] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1136.169015] ? pipe_poll+0x21b/0x7f0 [ 1136.169431] ? p9_fd_close+0x4a0/0x4a0 [ 1136.169914] ? anon_pipe_buf_release+0x280/0x280 [ 1136.170449] ? p9_fd_poll+0x1e0/0x2c0 [ 1136.170869] ? p9_fd_create+0x357/0x4a0 [ 1136.171328] ? p9_conn_create+0x510/0x510 [ 1136.171777] ? p9_client_create+0x798/0x11c0 [ 1136.172267] ? kfree+0xd7/0x340 [ 1136.172645] p9_client_create+0xa76/0x11c0 [ 1136.173113] ? p9_client_flush+0x430/0x430 [ 1136.173590] ? trace_hardirqs_on+0x5b/0x180 [ 1136.174063] ? lockdep_init_map_type+0x2c7/0x780 [ 1136.174605] ? __raw_spin_lock_init+0x36/0x110 [ 1136.175122] v9fs_session_init+0x1dd/0x1680 [ 1136.175555] ? lock_release+0x680/0x680 [ 1136.175926] ? kmem_cache_alloc_trace+0x151/0x320 [ 1136.176354] ? v9fs_show_options+0x690/0x690 [ 1136.176758] ? trace_hardirqs_on+0x5b/0x180 [ 1136.177155] ? kasan_unpoison_shadow+0x33/0x50 [ 1136.177583] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1136.178054] v9fs_mount+0x79/0x8f0 [ 1136.178383] ? v9fs_write_inode+0x60/0x60 [ 1136.178770] legacy_get_tree+0x105/0x220 [ 1136.179144] vfs_get_tree+0x8e/0x300 [ 1136.179499] path_mount+0x1429/0x2120 [ 1136.179856] ? strncpy_from_user+0x9e/0x470 [ 1136.180252] ? finish_automount+0xa90/0xa90 [ 1136.180645] ? getname_flags.part.0+0x1dd/0x4f0 [ 1136.181074] ? _copy_from_user+0xfb/0x1b0 [ 1136.181462] __x64_sys_mount+0x282/0x300 [ 1136.181841] ? copy_mnt_ns+0xa00/0xa00 [ 1136.182197] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1136.182667] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1136.183140] do_syscall_64+0x33/0x40 [ 1136.183498] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1136.183967] RIP: 0033:0x7ff91eae3b19 [ 1136.184318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1136.185950] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1136.186642] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 1136.187305] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1136.187953] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 1136.188602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1136.189247] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:05:12 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9935, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:12 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1020, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:12 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9936, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:12 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:12 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x900, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:12 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xb000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:12 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9937, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:12 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 42) 14:05:12 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x7000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1136.483294] FAULT_INJECTION: forcing a failure. [ 1136.483294] name failslab, interval 1, probability 0, space 0, times 0 [ 1136.484406] CPU: 1 PID: 15696 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1136.485073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1136.485903] Call Trace: [ 1136.486210] dump_stack+0x107/0x167 [ 1136.486613] should_fail.cold+0x5/0xa [ 1136.487026] ? create_object.isra.0+0x3a/0xa20 [ 1136.487517] should_failslab+0x5/0x20 [ 1136.487915] kmem_cache_alloc+0x5b/0x310 [ 1136.488301] create_object.isra.0+0x3a/0xa20 [ 1136.488715] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1136.489211] __kmalloc+0x16e/0x390 [ 1136.489574] p9_fcall_init+0x97/0x290 [ 1136.489964] p9_client_prepare_req.part.0+0xf4/0xac0 [ 1136.490458] p9_client_rpc+0x220/0x1370 [ 1136.490831] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1136.491332] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1136.491821] ? pipe_poll+0x21b/0x7f0 [ 1136.492162] ? p9_fd_close+0x4a0/0x4a0 [ 1136.492521] ? anon_pipe_buf_release+0x280/0x280 [ 1136.492954] ? p9_fd_poll+0x1e0/0x2c0 [ 1136.493343] ? p9_fd_create+0x357/0x4a0 [ 1136.493763] ? p9_conn_create+0x510/0x510 [ 1136.494204] ? p9_client_create+0x798/0x11c0 [ 1136.494586] ? kfree+0xd7/0x340 [ 1136.494941] p9_client_create+0xa76/0x11c0 [ 1136.495367] ? p9_client_flush+0x430/0x430 [ 1136.495820] ? trace_hardirqs_on+0x5b/0x180 [ 1136.496276] ? lockdep_init_map_type+0x2c7/0x780 [ 1136.496770] ? __raw_spin_lock_init+0x36/0x110 [ 1136.497257] v9fs_session_init+0x1dd/0x1680 [ 1136.497706] ? lock_release+0x680/0x680 [ 1136.498136] ? kmem_cache_alloc_trace+0x151/0x320 [ 1136.498627] ? v9fs_show_options+0x690/0x690 [ 1136.499045] ? trace_hardirqs_on+0x5b/0x180 [ 1136.499452] ? kasan_unpoison_shadow+0x33/0x50 [ 1136.499889] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1136.500386] v9fs_mount+0x79/0x8f0 [ 1136.500729] ? v9fs_write_inode+0x60/0x60 [ 1136.501182] legacy_get_tree+0x105/0x220 [ 1136.502126] vfs_get_tree+0x8e/0x300 [ 1136.502490] path_mount+0x1429/0x2120 [ 1136.502867] ? strncpy_from_user+0x9e/0x470 [ 1136.503319] ? finish_automount+0xa90/0xa90 [ 1136.503768] ? getname_flags.part.0+0x1dd/0x4f0 [ 1136.504257] ? _copy_from_user+0xfb/0x1b0 [ 1136.505223] __x64_sys_mount+0x282/0x300 [ 1136.506175] ? copy_mnt_ns+0xa00/0xa00 [ 1136.507145] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1136.507722] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1136.508265] do_syscall_64+0x33/0x40 [ 1136.508777] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1136.509967] RIP: 0033:0x7ff4194adb19 [ 1136.510318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1136.512056] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1136.513728] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1136.515254] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1136.515940] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1136.516600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1136.518089] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 1150.485150] FAULT_INJECTION: forcing a failure. [ 1150.485150] name failslab, interval 1, probability 0, space 0, times 0 [ 1150.486292] CPU: 1 PID: 16029 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1150.486988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1150.488426] Call Trace: [ 1150.488742] dump_stack+0x107/0x167 [ 1150.488898] FAULT_INJECTION: forcing a failure. [ 1150.488898] name failslab, interval 1, probability 0, space 0, times 0 [ 1150.489077] should_fail.cold+0x5/0xa [ 1150.490390] ? getname_flags.part.0+0x50/0x4f0 [ 1150.490824] should_failslab+0x5/0x20 [ 1150.491146] kmem_cache_alloc+0x5b/0x310 [ 1150.491609] getname_flags.part.0+0x50/0x4f0 [ 1150.492036] ? _copy_from_user+0xfb/0x1b0 [ 1150.492388] user_path_at_empty+0xa1/0x100 [ 1150.492815] __x64_sys_mount+0x1e9/0x300 [ 1150.493157] ? copy_mnt_ns+0xa00/0xa00 [ 1150.493488] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1150.493974] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1150.494406] do_syscall_64+0x33/0x40 [ 1150.494797] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1150.495226] RIP: 0033:0x7f78e3094b19 [ 1150.495682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1150.497330] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1150.498040] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1150.498677] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1150.499270] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1150.499920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1150.500514] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1150.501169] CPU: 0 PID: 16047 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 1150.501988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1150.502709] Call Trace: [ 1150.502941] dump_stack+0x107/0x167 [ 1150.503254] should_fail.cold+0x5/0xa [ 1150.503606] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1150.504096] should_failslab+0x5/0x20 [ 1150.504422] kmem_cache_alloc+0x5b/0x310 [ 1150.504774] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1150.505249] idr_get_free+0x4b5/0x8f0 [ 1150.505588] idr_alloc_u32+0x170/0x2d0 [ 1150.505922] ? __fprop_inc_percpu_max+0x130/0x130 [ 1150.506333] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1150.506790] ? lock_release+0x680/0x680 [ 1150.507128] idr_alloc+0xc2/0x130 [ 1150.507424] ? idr_alloc_u32+0x2d0/0x2d0 [ 1150.507785] ? rwlock_bug.part.0+0x90/0x90 [ 1150.508152] p9_client_prepare_req.part.0+0x612/0xac0 [ 1150.508594] p9_client_rpc+0x220/0x1370 [ 1150.508864] FAULT_INJECTION: forcing a failure. [ 1150.508864] name failslab, interval 1, probability 0, space 0, times 0 [ 1150.508934] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1150.508953] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1150.510868] ? pipe_poll+0x21b/0x7f0 [ 1150.511185] ? p9_fd_close+0x4a0/0x4a0 [ 1150.511527] ? anon_pipe_buf_release+0x280/0x280 [ 1150.511928] ? p9_fd_poll+0x1e0/0x2c0 [ 1150.512255] ? p9_fd_create+0x357/0x4a0 [ 1150.512596] ? p9_conn_create+0x510/0x510 [ 1150.512944] ? p9_client_create+0x798/0x11c0 [ 1150.513314] ? kfree+0xd7/0x340 [ 1150.513599] p9_client_create+0xa76/0x11c0 [ 1150.513963] ? p9_client_flush+0x430/0x430 [ 1150.514320] ? trace_hardirqs_on+0x5b/0x180 [ 1150.514685] ? lockdep_init_map_type+0x2c7/0x780 [ 1150.515085] ? __raw_spin_lock_init+0x36/0x110 [ 1150.515488] v9fs_session_init+0x1dd/0x1680 [ 1150.515856] ? lock_release+0x680/0x680 [ 1150.516198] ? kmem_cache_alloc_trace+0x151/0x320 [ 1150.516604] ? v9fs_show_options+0x690/0x690 [ 1150.516979] ? trace_hardirqs_on+0x5b/0x180 [ 1150.517344] ? kasan_unpoison_shadow+0x33/0x50 [ 1150.517729] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1150.518159] v9fs_mount+0x79/0x8f0 [ 1150.518466] ? v9fs_write_inode+0x60/0x60 [ 1150.518818] legacy_get_tree+0x105/0x220 [ 1150.519161] vfs_get_tree+0x8e/0x300 [ 1150.519484] path_mount+0x1429/0x2120 [ 1150.519811] ? strncpy_from_user+0x9e/0x470 [ 1150.520176] ? finish_automount+0xa90/0xa90 [ 1150.520540] ? getname_flags.part.0+0x1dd/0x4f0 [ 1150.520934] ? _copy_from_user+0xfb/0x1b0 [ 1150.521289] __x64_sys_mount+0x282/0x300 [ 1150.521632] ? copy_mnt_ns+0xa00/0xa00 [ 1150.521965] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1150.522408] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1150.522843] do_syscall_64+0x33/0x40 [ 1150.523160] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1150.523604] RIP: 0033:0x7ff91eae3b19 [ 1150.523922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1150.525445] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1150.526081] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 1150.526672] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 14:05:26 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x8000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:26 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2010, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:26 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 43) 14:05:26 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9a7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:26 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x10000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:26 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 7) [ 1150.527264] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 1150.527870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1150.528467] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 [ 1150.529086] CPU: 1 PID: 16035 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1150.529766] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1150.530866] Call Trace: [ 1150.531106] dump_stack+0x107/0x167 14:05:26 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9938, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:26 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 44) 14:05:26 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa103, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1150.531418] should_fail.cold+0x5/0xa [ 1150.531859] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1150.532344] should_failslab+0x5/0x20 [ 1150.532742] kmem_cache_alloc+0x5b/0x310 [ 1150.533101] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1150.533625] idr_get_free+0x4b5/0x8f0 [ 1150.534029] idr_alloc_u32+0x170/0x2d0 [ 1150.534363] ? __fprop_inc_percpu_max+0x130/0x130 [ 1150.535006] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1150.535467] ? lock_release+0x680/0x680 [ 1150.535857] idr_alloc+0xc2/0x130 [ 1150.536156] ? idr_alloc_u32+0x2d0/0x2d0 [ 1150.536501] ? rwlock_bug.part.0+0x90/0x90 [ 1150.536920] p9_client_prepare_req.part.0+0x612/0xac0 [ 1150.537356] p9_client_rpc+0x220/0x1370 [ 1150.537741] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1150.538194] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1150.538720] ? pipe_poll+0x21b/0x7f0 [ 1150.539033] ? p9_fd_close+0x4a0/0x4a0 [ 1150.539357] ? anon_pipe_buf_release+0x280/0x280 [ 1150.539867] ? p9_fd_poll+0x1e0/0x2c0 [ 1150.540192] ? p9_fd_create+0x357/0x4a0 [ 1150.540531] ? p9_conn_create+0x510/0x510 [ 1150.540921] ? p9_client_create+0x798/0x11c0 [ 1150.541297] ? kfree+0xd7/0x340 [ 1150.541628] p9_client_create+0xa76/0x11c0 [ 1150.542007] ? p9_client_flush+0x430/0x430 [ 1150.542361] ? trace_hardirqs_on+0x5b/0x180 [ 1150.542795] ? lockdep_init_map_type+0x2c7/0x780 [ 1150.543195] ? __raw_spin_lock_init+0x36/0x110 [ 1150.543648] v9fs_session_init+0x1dd/0x1680 [ 1150.544011] ? lock_release+0x680/0x680 [ 1150.544353] ? kmem_cache_alloc_trace+0x151/0x320 [ 1150.544838] ? v9fs_show_options+0x690/0x690 [ 1150.545230] ? trace_hardirqs_on+0x5b/0x180 [ 1150.545643] ? kasan_unpoison_shadow+0x33/0x50 [ 1150.546027] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1150.546458] v9fs_mount+0x79/0x8f0 [ 1150.546830] ? v9fs_write_inode+0x60/0x60 [ 1150.547178] legacy_get_tree+0x105/0x220 [ 1150.547569] vfs_get_tree+0x8e/0x300 [ 1150.547928] path_mount+0x1429/0x2120 [ 1150.548252] ? strncpy_from_user+0x9e/0x470 [ 1150.548670] ? finish_automount+0xa90/0xa90 [ 1150.549030] ? getname_flags.part.0+0x1dd/0x4f0 [ 1150.549420] ? _copy_from_user+0xfb/0x1b0 [ 1150.549817] __x64_sys_mount+0x282/0x300 [ 1150.550158] ? copy_mnt_ns+0xa00/0xa00 [ 1150.550487] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1150.550972] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1150.551404] do_syscall_64+0x33/0x40 [ 1150.551804] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1150.552232] RIP: 0033:0x7ff4194adb19 [ 1150.552548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1150.554150] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1150.554827] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1150.555425] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1150.556096] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1150.556733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1150.557321] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:05:26 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xc200, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:26 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:26 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2baa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:26 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 8) 14:05:26 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xdb98, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1150.735054] FAULT_INJECTION: forcing a failure. [ 1150.735054] name failslab, interval 1, probability 0, space 0, times 0 [ 1150.736236] CPU: 1 PID: 16551 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1150.736895] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1150.737631] Call Trace: [ 1150.737872] dump_stack+0x107/0x167 [ 1150.738185] should_fail.cold+0x5/0xa [ 1150.738514] ? create_object.isra.0+0x3a/0xa20 [ 1150.738955] should_failslab+0x5/0x20 [ 1150.739278] kmem_cache_alloc+0x5b/0x310 [ 1150.739693] create_object.isra.0+0x3a/0xa20 [ 1150.740068] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1150.740501] kmem_cache_alloc+0x159/0x310 [ 1150.740904] getname_flags.part.0+0x50/0x4f0 [ 1150.741281] ? _copy_from_user+0xfb/0x1b0 [ 1150.741708] user_path_at_empty+0xa1/0x100 [ 1150.742070] __x64_sys_mount+0x1e9/0x300 [ 1150.742415] ? copy_mnt_ns+0xa00/0xa00 [ 1150.742808] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1150.743253] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1150.747862] do_syscall_64+0x33/0x40 [ 1150.748180] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1150.748730] RIP: 0033:0x7f78e3094b19 [ 1150.749055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1150.750682] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 14:05:26 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x20000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:26 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xdc98, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1150.751321] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1150.752122] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1150.752772] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1150.753372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1150.755737] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:05:27 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x9000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:27 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2caa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:41 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:41 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x20100000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:41 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xa000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:41 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 44) [ 1164.864329] FAULT_INJECTION: forcing a failure. [ 1164.864329] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1164.865501] CPU: 0 PID: 17013 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1164.866157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1164.866929] Call Trace: [ 1164.867185] dump_stack+0x107/0x167 14:05:41 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 45) 14:05:41 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xdd98, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:41 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 9) 14:05:41 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2daa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1164.867517] should_fail.cold+0x5/0xa [ 1164.867934] strncpy_from_user+0x34/0x470 [ 1164.868599] getname_flags.part.0+0x95/0x4f0 [ 1164.869073] ? _copy_from_user+0xfb/0x1b0 [ 1164.869449] user_path_at_empty+0xa1/0x100 [ 1164.869893] __x64_sys_mount+0x1e9/0x300 [ 1164.870257] ? copy_mnt_ns+0xa00/0xa00 [ 1164.870613] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1164.871172] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1164.871655] do_syscall_64+0x33/0x40 [ 1164.872055] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1164.872390] FAULT_INJECTION: forcing a failure. [ 1164.872390] name failslab, interval 1, probability 0, space 0, times 0 [ 1164.872514] RIP: 0033:0x7f78e3094b19 [ 1164.872535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1164.875491] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1164.876226] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1164.876906] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1164.877534] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1164.878241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1164.878917] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1164.879567] CPU: 1 PID: 17011 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1164.880182] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1164.880895] Call Trace: [ 1164.881122] dump_stack+0x107/0x167 [ 1164.881468] should_fail.cold+0x5/0xa [ 1164.881779] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1164.882283] should_failslab+0x5/0x20 [ 1164.882592] kmem_cache_alloc+0x5b/0x310 [ 1164.882920] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1164.883437] idr_get_free+0x4b5/0x8f0 [ 1164.883773] idr_alloc_u32+0x170/0x2d0 [ 1164.884085] ? __fprop_inc_percpu_max+0x130/0x130 [ 1164.884525] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1164.884952] ? lock_release+0x680/0x680 [ 1164.885314] idr_alloc+0xc2/0x130 [ 1164.885593] ? idr_alloc_u32+0x2d0/0x2d0 [ 1164.885915] ? rwlock_bug.part.0+0x90/0x90 [ 1164.886306] p9_client_prepare_req.part.0+0x612/0xac0 [ 1164.886726] p9_client_rpc+0x220/0x1370 [ 1164.887043] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1164.887532] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1164.887976] ? pipe_poll+0x21b/0x7f0 [ 1164.888324] ? p9_fd_close+0x4a0/0x4a0 [ 1164.888637] ? anon_pipe_buf_release+0x280/0x280 [ 1164.889013] ? p9_fd_poll+0x1e0/0x2c0 [ 1164.889366] ? p9_fd_create+0x357/0x4a0 [ 1164.889684] ? p9_conn_create+0x510/0x510 [ 1164.890011] ? p9_client_create+0x798/0x11c0 [ 1164.890407] ? kfree+0xd7/0x340 [ 1164.890677] p9_client_create+0xa76/0x11c0 [ 1164.891019] ? p9_client_flush+0x430/0x430 [ 1164.891407] ? trace_hardirqs_on+0x5b/0x180 [ 1164.891764] ? lockdep_init_map_type+0x2c7/0x780 [ 1164.892142] ? __raw_spin_lock_init+0x36/0x110 [ 1164.892583] v9fs_session_init+0x1dd/0x1680 [ 1164.892927] ? lock_release+0x680/0x680 [ 1164.893294] ? kmem_cache_alloc_trace+0x151/0x320 [ 1164.893678] ? v9fs_show_options+0x690/0x690 [ 1164.894031] ? trace_hardirqs_on+0x5b/0x180 [ 1164.894422] ? kasan_unpoison_shadow+0x33/0x50 [ 1164.894793] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1164.895245] v9fs_mount+0x79/0x8f0 [ 1164.895548] ? v9fs_write_inode+0x60/0x60 [ 1164.895895] legacy_get_tree+0x105/0x220 [ 1164.896273] vfs_get_tree+0x8e/0x300 [ 1164.896572] path_mount+0x1429/0x2120 [ 1164.896880] ? strncpy_from_user+0x9e/0x470 [ 1164.897303] ? finish_automount+0xa90/0xa90 [ 1164.897648] ? getname_flags.part.0+0x1dd/0x4f0 [ 1164.898016] ? _copy_from_user+0xfb/0x1b0 [ 1164.898397] __x64_sys_mount+0x282/0x300 [ 1164.898719] ? copy_mnt_ns+0xa00/0xa00 [ 1164.898872] FAULT_INJECTION: forcing a failure. [ 1164.898872] name failslab, interval 1, probability 0, space 0, times 0 [ 1164.899035] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1164.900544] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1164.900953] do_syscall_64+0x33/0x40 [ 1164.901322] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1164.901724] RIP: 0033:0x7ff4194adb19 [ 1164.902020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1164.903498] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1164.904117] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1164.904673] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1164.905230] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1164.905788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1164.906347] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 1164.906930] CPU: 0 PID: 17056 Comm: syz-executor.2 Not tainted 5.10.223 #1 [ 1164.907558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1164.908351] Call Trace: [ 1164.908596] dump_stack+0x107/0x167 [ 1164.909009] should_fail.cold+0x5/0xa [ 1164.909360] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1164.909925] should_failslab+0x5/0x20 [ 1164.910271] kmem_cache_alloc+0x5b/0x310 [ 1164.910643] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1164.911202] idr_get_free+0x4b5/0x8f0 [ 1164.911565] idr_alloc_u32+0x170/0x2d0 [ 1164.911989] ? __fprop_inc_percpu_max+0x130/0x130 [ 1164.912431] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1164.912989] ? lock_release+0x680/0x680 [ 1164.913348] idr_alloc+0xc2/0x130 [ 1164.913664] ? idr_alloc_u32+0x2d0/0x2d0 [ 1164.914080] ? rwlock_bug.part.0+0x90/0x90 [ 1164.914476] p9_client_prepare_req.part.0+0x612/0xac0 [ 1164.914998] p9_client_rpc+0x220/0x1370 [ 1164.915360] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1164.915909] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1164.916389] ? pipe_poll+0x21b/0x7f0 [ 1164.916768] ? p9_fd_close+0x4a0/0x4a0 [ 1164.917124] ? anon_pipe_buf_release+0x280/0x280 [ 1164.917549] ? p9_fd_poll+0x1e0/0x2c0 [ 1164.917977] ? p9_fd_create+0x357/0x4a0 [ 1164.918338] ? p9_conn_create+0x510/0x510 [ 1164.918707] ? p9_client_create+0x798/0x11c0 [ 1164.919154] ? kfree+0xd7/0x340 [ 1164.919467] p9_client_create+0xa76/0x11c0 [ 1164.919922] ? p9_client_flush+0x430/0x430 [ 1164.920310] ? trace_hardirqs_on+0x5b/0x180 [ 1164.920702] ? lockdep_init_map_type+0x2c7/0x780 [ 1164.921188] ? __raw_spin_lock_init+0x36/0x110 [ 1164.921607] v9fs_session_init+0x1dd/0x1680 [ 1164.922042] ? lock_release+0x680/0x680 [ 1164.922409] ? kmem_cache_alloc_trace+0x151/0x320 [ 1164.922916] ? v9fs_show_options+0x690/0x690 [ 1164.923318] ? trace_hardirqs_on+0x5b/0x180 [ 1164.923761] ? kasan_unpoison_shadow+0x33/0x50 [ 1164.924182] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1164.924641] v9fs_mount+0x79/0x8f0 [ 1164.925020] ? v9fs_write_inode+0x60/0x60 [ 1164.925395] legacy_get_tree+0x105/0x220 [ 1164.925810] vfs_get_tree+0x8e/0x300 [ 1164.926145] path_mount+0x1429/0x2120 [ 1164.926492] ? strncpy_from_user+0x9e/0x470 [ 1164.926979] ? finish_automount+0xa90/0xa90 [ 1164.927366] ? getname_flags.part.0+0x1dd/0x4f0 [ 1164.927847] ? _copy_from_user+0xfb/0x1b0 [ 1164.928227] __x64_sys_mount+0x282/0x300 [ 1164.928591] ? copy_mnt_ns+0xa00/0xa00 [ 1164.929006] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1164.929474] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1164.929989] do_syscall_64+0x33/0x40 [ 1164.930324] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1164.930826] RIP: 0033:0x7ff91eae3b19 [ 1164.931163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1164.932913] RSP: 002b:00007ff91c059188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1164.933588] RAX: ffffffffffffffda RBX: 00007ff91ebf6f60 RCX: 00007ff91eae3b19 [ 1164.934269] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1164.934957] RBP: 00007ff91c0591d0 R08: 0000000020000140 R09: 0000000000000000 [ 1164.935585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1164.936308] R13: 00007ffd3a8b8f8f R14: 00007ff91c059300 R15: 0000000000022000 14:05:41 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xde98, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:41 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 10) 14:05:41 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1165.032068] FAULT_INJECTION: forcing a failure. [ 1165.032068] name failslab, interval 1, probability 0, space 0, times 0 [ 1165.033137] CPU: 1 PID: 17274 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1165.033687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1165.034343] Call Trace: [ 1165.034564] dump_stack+0x107/0x167 [ 1165.034864] should_fail.cold+0x5/0xa [ 1165.035175] ? alloc_fs_context+0x57/0x840 [ 1165.035526] should_failslab+0x5/0x20 [ 1165.035859] kmem_cache_alloc_trace+0x55/0x320 [ 1165.036236] alloc_fs_context+0x57/0x840 [ 1165.036577] path_mount+0xaa3/0x2120 [ 1165.036888] ? strncpy_from_user+0x9e/0x470 [ 1165.037239] ? finish_automount+0xa90/0xa90 [ 1165.037591] ? getname_flags.part.0+0x1dd/0x4f0 [ 1165.037966] ? _copy_from_user+0xfb/0x1b0 [ 1165.038303] __x64_sys_mount+0x282/0x300 [ 1165.038634] ? copy_mnt_ns+0xa00/0xa00 [ 1165.038953] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1165.039374] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1165.039809] do_syscall_64+0x33/0x40 [ 1165.040109] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1165.040522] RIP: 0033:0x7f78e3094b19 [ 1165.040825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1165.042285] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1165.042898] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1165.043470] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1165.044050] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1165.044619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1165.045191] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:05:56 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 46) 14:05:56 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xba7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:56 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xdf98, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:56 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x8cffffff, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:56 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 45) 14:05:56 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2e00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:56 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xb000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:56 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 11) [ 1180.761683] FAULT_INJECTION: forcing a failure. [ 1180.761683] name failslab, interval 1, probability 0, space 0, times 0 [ 1180.762797] CPU: 0 PID: 17563 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1180.763453] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1180.764945] Call Trace: [ 1180.765238] dump_stack+0x107/0x167 [ 1180.765579] should_fail.cold+0x5/0xa [ 1180.765926] ? create_object.isra.0+0x3a/0xa20 [ 1180.766417] should_failslab+0x5/0x20 [ 1180.766762] kmem_cache_alloc+0x5b/0x310 [ 1180.767132] create_object.isra.0+0x3a/0xa20 [ 1180.767577] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1180.768045] kmem_cache_alloc_trace+0x151/0x320 [ 1180.768538] alloc_fs_context+0x57/0x840 [ 1180.768910] path_mount+0xaa3/0x2120 [ 1180.769305] ? strncpy_from_user+0x9e/0x470 [ 1180.769699] ? finish_automount+0xa90/0xa90 [ 1180.770087] ? getname_flags.part.0+0x1dd/0x4f0 [ 1180.770565] ? _copy_from_user+0xfb/0x1b0 [ 1180.770959] __x64_sys_mount+0x282/0x300 [ 1180.771400] ? copy_mnt_ns+0xa00/0xa00 [ 1180.771754] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1180.772015] FAULT_INJECTION: forcing a failure. [ 1180.772015] name failslab, interval 1, probability 0, space 0, times 0 [ 1180.772975] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1180.774493] do_syscall_64+0x33/0x40 [ 1180.774831] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1180.775330] RIP: 0033:0x7f78e3094b19 [ 1180.775665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1180.777405] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1180.778080] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1180.778761] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1180.779464] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1180.780767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1180.782556] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1180.784319] CPU: 1 PID: 17565 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1180.785132] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1180.785991] Call Trace: [ 1180.786273] dump_stack+0x107/0x167 [ 1180.786639] should_fail.cold+0x5/0xa [ 1180.787057] ? create_object.isra.0+0x3a/0xa20 [ 1180.787523] should_failslab+0x5/0x20 [ 1180.787966] kmem_cache_alloc+0x5b/0x310 [ 1180.788382] create_object.isra.0+0x3a/0xa20 [ 1180.788898] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1180.789457] kmem_cache_alloc+0x159/0x310 [ 1180.789939] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1180.790503] idr_get_free+0x4b5/0x8f0 [ 1180.790933] idr_alloc_u32+0x170/0x2d0 [ 1180.791329] ? __fprop_inc_percpu_max+0x130/0x130 [ 1180.791905] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1180.792457] ? lock_release+0x680/0x680 [ 1180.792968] idr_alloc+0xc2/0x130 [ 1180.793303] ? idr_alloc_u32+0x2d0/0x2d0 [ 1180.793755] ? rwlock_bug.part.0+0x90/0x90 [ 1180.794186] p9_client_prepare_req.part.0+0x612/0xac0 [ 1180.794742] p9_client_rpc+0x220/0x1370 [ 1180.795124] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1180.795670] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1180.796275] ? pipe_poll+0x21b/0x7f0 [ 1180.796676] ? p9_fd_close+0x4a0/0x4a0 [ 1180.797174] ? anon_pipe_buf_release+0x280/0x280 [ 1180.798154] ? p9_fd_poll+0x1e0/0x2c0 [ 1180.798868] ? p9_fd_create+0x357/0x4a0 [ 1180.799552] ? p9_conn_create+0x510/0x510 [ 1180.800083] ? p9_client_create+0x798/0x11c0 [ 1180.800468] ? kfree+0xd7/0x340 [ 1180.800833] p9_client_create+0xa76/0x11c0 [ 1180.801222] ? p9_client_flush+0x430/0x430 [ 1180.801587] ? trace_hardirqs_on+0x5b/0x180 [ 1180.802000] ? lockdep_init_map_type+0x2c7/0x780 [ 1180.802427] ? __raw_spin_lock_init+0x36/0x110 [ 1180.802871] v9fs_session_init+0x1dd/0x1680 [ 1180.803261] ? lock_release+0x680/0x680 [ 1180.803617] ? kmem_cache_alloc_trace+0x151/0x320 [ 1180.804138] ? v9fs_show_options+0x690/0x690 [ 1180.804530] ? trace_hardirqs_on+0x5b/0x180 [ 1180.804976] ? kasan_unpoison_shadow+0x33/0x50 [ 1180.805383] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1180.805866] v9fs_mount+0x79/0x8f0 [ 1180.806176] ? v9fs_write_inode+0x60/0x60 [ 1180.806555] legacy_get_tree+0x105/0x220 [ 1180.806943] vfs_get_tree+0x8e/0x300 [ 1180.807263] path_mount+0x1429/0x2120 [ 1180.807609] ? strncpy_from_user+0x9e/0x470 [ 1180.808432] ? finish_automount+0xa90/0xa90 [ 1180.809267] ? getname_flags.part.0+0x1dd/0x4f0 [ 1180.810148] ? _copy_from_user+0xfb/0x1b0 [ 1180.810937] __x64_sys_mount+0x282/0x300 [ 1180.811659] ? copy_mnt_ns+0xa00/0xa00 [ 1180.812563] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1180.813526] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1180.814495] do_syscall_64+0x33/0x40 [ 1180.815186] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1180.816235] RIP: 0033:0x7ff4194adb19 [ 1180.816949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1180.820521] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1180.821921] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1180.823231] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1180.824673] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1180.825276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1180.825893] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:05:57 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe098, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:57 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xc0ed0000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:57 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2eaa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:57 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:57 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1020, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:57 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x10000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:57 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe198, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:57 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 12) [ 1181.132220] FAULT_INJECTION: forcing a failure. [ 1181.132220] name failslab, interval 1, probability 0, space 0, times 0 [ 1181.133500] CPU: 0 PID: 18322 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1181.134131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1181.134976] Call Trace: [ 1181.135282] dump_stack+0x107/0x167 [ 1181.135629] should_fail.cold+0x5/0xa [ 1181.136007] ? legacy_init_fs_context+0x44/0xe0 [ 1181.136489] should_failslab+0x5/0x20 [ 1181.136845] kmem_cache_alloc_trace+0x55/0x320 [ 1181.137325] ? lockdep_init_map_type+0x2c7/0x780 [ 1181.137770] legacy_init_fs_context+0x44/0xe0 [ 1181.138258] ? generic_parse_monolithic+0x1f0/0x1f0 [ 1181.138729] alloc_fs_context+0x4fd/0x840 [ 1181.139120] path_mount+0xaa3/0x2120 [ 1181.139522] ? strncpy_from_user+0x9e/0x470 [ 1181.139934] ? finish_automount+0xa90/0xa90 [ 1181.140425] ? getname_flags.part.0+0x1dd/0x4f0 [ 1181.140853] ? _copy_from_user+0xfb/0x1b0 [ 1181.141295] __x64_sys_mount+0x282/0x300 [ 1181.141674] ? copy_mnt_ns+0xa00/0xa00 [ 1181.142040] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1181.142583] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1181.143061] do_syscall_64+0x33/0x40 [ 1181.143485] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1181.143978] RIP: 0033:0x7f78e3094b19 [ 1181.144377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1181.146100] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1181.146867] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1181.147565] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1181.148312] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1181.148970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1181.149669] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:05:57 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 46) 14:05:57 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xf6ffffff, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:57 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe298, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:57 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2faa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:05:57 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1181.250627] FAULT_INJECTION: forcing a failure. [ 1181.250627] name failslab, interval 1, probability 0, space 0, times 0 [ 1181.251632] CPU: 1 PID: 18435 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1181.252234] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1181.252946] Call Trace: [ 1181.253179] dump_stack+0x107/0x167 [ 1181.253495] should_fail.cold+0x5/0xa [ 1181.253836] ? ___slab_alloc+0x155/0x700 [ 1181.254183] ? create_object.isra.0+0x3a/0xa20 [ 1181.254577] should_failslab+0x5/0x20 [ 1181.254911] kmem_cache_alloc+0x5b/0x310 [ 1181.255262] create_object.isra.0+0x3a/0xa20 [ 1181.255640] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1181.256096] kmem_cache_alloc+0x159/0x310 [ 1181.256461] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1181.256945] idr_get_free+0x4b5/0x8f0 [ 1181.257280] idr_alloc_u32+0x170/0x2d0 [ 1181.257617] ? __fprop_inc_percpu_max+0x130/0x130 [ 1181.258040] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1181.258502] ? lock_release+0x680/0x680 [ 1181.258841] idr_alloc+0xc2/0x130 [ 1181.259146] ? idr_alloc_u32+0x2d0/0x2d0 [ 1181.259495] ? rwlock_bug.part.0+0x90/0x90 [ 1181.259876] p9_client_prepare_req.part.0+0x612/0xac0 [ 1181.260332] p9_client_rpc+0x220/0x1370 [ 1181.260675] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1181.261134] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1181.261596] ? pipe_poll+0x21b/0x7f0 [ 1181.261913] ? p9_fd_close+0x4a0/0x4a0 [ 1181.262256] ? anon_pipe_buf_release+0x280/0x280 [ 1181.262660] ? p9_fd_poll+0x1e0/0x2c0 [ 1181.262988] ? p9_fd_create+0x357/0x4a0 [ 1181.263341] ? p9_conn_create+0x510/0x510 [ 1181.263694] ? p9_client_create+0x798/0x11c0 [ 1181.264081] ? kfree+0xd7/0x340 [ 1181.264382] p9_client_create+0xa76/0x11c0 [ 1181.264748] ? p9_client_flush+0x430/0x430 [ 1181.265110] ? trace_hardirqs_on+0x5b/0x180 [ 1181.265492] ? lockdep_init_map_type+0x2c7/0x780 [ 1181.265901] ? __raw_spin_lock_init+0x36/0x110 [ 1181.266295] v9fs_session_init+0x1dd/0x1680 [ 1181.266673] ? lock_release+0x680/0x680 [ 1181.267020] ? kmem_cache_alloc_trace+0x151/0x320 [ 1181.267442] ? v9fs_show_options+0x690/0x690 [ 1181.267827] ? trace_hardirqs_on+0x5b/0x180 [ 1181.268199] ? kasan_unpoison_shadow+0x33/0x50 [ 1181.268607] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1181.269042] v9fs_mount+0x79/0x8f0 [ 1181.269348] ? v9fs_write_inode+0x60/0x60 [ 1181.269715] legacy_get_tree+0x105/0x220 [ 1181.270060] vfs_get_tree+0x8e/0x300 [ 1181.270378] path_mount+0x1429/0x2120 [ 1181.270717] ? strncpy_from_user+0x9e/0x470 [ 1181.271084] ? finish_automount+0xa90/0xa90 [ 1181.271456] ? getname_flags.part.0+0x1dd/0x4f0 [ 1181.271874] ? _copy_from_user+0xfb/0x1b0 [ 1181.272236] __x64_sys_mount+0x282/0x300 [ 1181.272583] ? copy_mnt_ns+0xa00/0xa00 [ 1181.272927] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1181.273376] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1181.273824] do_syscall_64+0x33/0x40 [ 1181.274142] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1181.274580] RIP: 0033:0x7ff4194adb19 [ 1181.274909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1181.276494] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1181.277152] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1181.277760] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1181.278371] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1181.278981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1181.279596] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:05:57 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:12 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:12 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x20000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:12 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2010, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:12 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x30aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:12 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe398, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:12 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xffff0000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:12 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 13) 14:06:12 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 47) [ 1196.208993] FAULT_INJECTION: forcing a failure. [ 1196.208993] name failslab, interval 1, probability 0, space 0, times 0 [ 1196.210198] CPU: 0 PID: 18955 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1196.210936] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1196.211738] Call Trace: [ 1196.212036] dump_stack+0x107/0x167 [ 1196.212409] should_fail.cold+0x5/0xa [ 1196.212827] ? create_object.isra.0+0x3a/0xa20 [ 1196.213327] should_failslab+0x5/0x20 [ 1196.213737] kmem_cache_alloc+0x5b/0x310 [ 1196.214123] create_object.isra.0+0x3a/0xa20 [ 1196.214579] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1196.215124] kmem_cache_alloc_trace+0x151/0x320 [ 1196.215629] ? lockdep_init_map_type+0x2c7/0x780 [ 1196.216118] legacy_init_fs_context+0x44/0xe0 [ 1196.216562] ? generic_parse_monolithic+0x1f0/0x1f0 [ 1196.217125] alloc_fs_context+0x4fd/0x840 [ 1196.217601] path_mount+0xaa3/0x2120 [ 1196.218027] ? strncpy_from_user+0x9e/0x470 [ 1196.218517] ? finish_automount+0xa90/0xa90 [ 1196.219005] ? getname_flags.part.0+0x1dd/0x4f0 [ 1196.219528] ? _copy_from_user+0xfb/0x1b0 [ 1196.220012] __x64_sys_mount+0x282/0x300 [ 1196.220393] ? copy_mnt_ns+0xa00/0xa00 [ 1196.220769] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1196.221260] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1196.221745] do_syscall_64+0x33/0x40 [ 1196.222096] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1196.222571] RIP: 0033:0x7f78e3094b19 [ 1196.222923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1196.224703] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1196.225525] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1196.226229] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1196.226961] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1196.227714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1196.228412] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:06:12 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe498, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1196.297996] FAULT_INJECTION: forcing a failure. [ 1196.297996] name failslab, interval 1, probability 0, space 0, times 0 [ 1196.299149] CPU: 0 PID: 19327 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1196.299755] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1196.300492] Call Trace: [ 1196.300735] dump_stack+0x107/0x167 [ 1196.301072] should_fail.cold+0x5/0xa [ 1196.301419] ? create_object.isra.0+0x3a/0xa20 [ 1196.301826] should_failslab+0x5/0x20 [ 1196.302170] kmem_cache_alloc+0x5b/0x310 [ 1196.302539] create_object.isra.0+0x3a/0xa20 14:06:12 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x31aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1196.302934] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1196.303392] kmem_cache_alloc+0x159/0x310 [ 1196.308153] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1196.308649] idr_get_free+0x4b5/0x8f0 [ 1196.308997] idr_alloc_u32+0x170/0x2d0 [ 1196.309351] ? __fprop_inc_percpu_max+0x130/0x130 [ 1196.309775] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1196.310246] ? lock_release+0x680/0x680 [ 1196.310605] idr_alloc+0xc2/0x130 [ 1196.310912] ? idr_alloc_u32+0x2d0/0x2d0 [ 1196.311270] ? rwlock_bug.part.0+0x90/0x90 [ 1196.311661] p9_client_prepare_req.part.0+0x612/0xac0 [ 1196.312129] p9_client_rpc+0x220/0x1370 [ 1196.312481] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1196.312953] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1196.313424] ? pipe_poll+0x21b/0x7f0 [ 1196.313761] ? p9_fd_close+0x4a0/0x4a0 [ 1196.314103] ? anon_pipe_buf_release+0x280/0x280 [ 1196.314522] ? p9_fd_poll+0x1e0/0x2c0 [ 1196.314870] ? p9_fd_create+0x357/0x4a0 [ 1196.315221] ? p9_conn_create+0x510/0x510 [ 1196.315584] ? p9_client_create+0x798/0x11c0 [ 1196.315982] ? kfree+0xd7/0x340 [ 1196.316283] p9_client_create+0xa76/0x11c0 [ 1196.316664] ? p9_client_flush+0x430/0x430 [ 1196.317045] ? trace_hardirqs_on+0x5b/0x180 [ 1196.317428] ? lockdep_init_map_type+0x2c7/0x780 [ 1196.317854] ? __raw_spin_lock_init+0x36/0x110 [ 1196.318261] v9fs_session_init+0x1dd/0x1680 [ 1196.318644] ? lock_release+0x680/0x680 [ 1196.319009] ? kmem_cache_alloc_trace+0x151/0x320 [ 1196.319434] ? v9fs_show_options+0x690/0x690 [ 1196.319830] ? trace_hardirqs_on+0x5b/0x180 [ 1196.320225] ? kasan_unpoison_shadow+0x33/0x50 [ 1196.320629] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1196.321084] v9fs_mount+0x79/0x8f0 [ 1196.321405] ? v9fs_write_inode+0x60/0x60 [ 1196.321774] legacy_get_tree+0x105/0x220 [ 1196.322137] vfs_get_tree+0x8e/0x300 [ 1196.322465] path_mount+0x1429/0x2120 [ 1196.322811] ? strncpy_from_user+0x9e/0x470 [ 1196.323194] ? finish_automount+0xa90/0xa90 [ 1196.323576] ? getname_flags.part.0+0x1dd/0x4f0 [ 1196.324001] ? _copy_from_user+0xfb/0x1b0 [ 1196.324376] __x64_sys_mount+0x282/0x300 [ 1196.324740] ? copy_mnt_ns+0xa00/0xa00 [ 1196.325086] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1196.325551] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1196.326009] do_syscall_64+0x33/0x40 [ 1196.326340] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1196.326792] RIP: 0033:0x7ff4194adb19 [ 1196.327120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1196.328713] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1196.329377] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 14:06:12 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:12 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2e00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1196.330004] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1196.330629] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1196.336424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1196.337035] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:06:12 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe598, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:12 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xffffff8c, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:12 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe698, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:12 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x5, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:12 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x32aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:12 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x20100000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:12 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 14) [ 1196.595968] FAULT_INJECTION: forcing a failure. [ 1196.595968] name failslab, interval 1, probability 0, space 0, times 0 [ 1196.596994] CPU: 1 PID: 19958 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1196.597583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1196.598288] Call Trace: [ 1196.598532] dump_stack+0x107/0x167 [ 1196.598857] should_fail.cold+0x5/0xa [ 1196.599186] ? v9fs_mount+0x5a/0x8f0 [ 1196.599520] should_failslab+0x5/0x20 [ 1196.599871] kmem_cache_alloc_trace+0x55/0x320 [ 1196.600278] ? v9fs_write_inode+0x60/0x60 [ 1196.600642] v9fs_mount+0x5a/0x8f0 [ 1196.600962] ? v9fs_write_inode+0x60/0x60 [ 1196.601319] legacy_get_tree+0x105/0x220 [ 1196.601674] vfs_get_tree+0x8e/0x300 [ 1196.602002] path_mount+0x1429/0x2120 [ 1196.602331] ? strncpy_from_user+0x9e/0x470 [ 1196.602708] ? finish_automount+0xa90/0xa90 [ 1196.603088] ? getname_flags.part.0+0x1dd/0x4f0 [ 1196.603485] ? _copy_from_user+0xfb/0x1b0 [ 1196.603851] __x64_sys_mount+0x282/0x300 [ 1196.604216] ? copy_mnt_ns+0xa00/0xa00 [ 1196.604554] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1196.605012] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1196.605464] do_syscall_64+0x33/0x40 [ 1196.605791] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1196.606241] RIP: 0033:0x7f78e3094b19 [ 1196.606564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1196.608147] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1196.608812] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1196.609432] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1196.610042] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1196.610652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1196.611261] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:06:12 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3a01, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:12 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xfffffff6, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1210.708058] FAULT_INJECTION: forcing a failure. [ 1210.708058] name failslab, interval 1, probability 0, space 0, times 0 [ 1210.709064] CPU: 0 PID: 20429 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1210.709649] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1210.710345] Call Trace: [ 1210.710577] dump_stack+0x107/0x167 [ 1210.710890] should_fail.cold+0x5/0xa [ 1210.711219] ? p9pdu_readf+0xadb/0x1d40 [ 1210.711561] should_failslab+0x5/0x20 [ 1210.711886] __kmalloc+0x72/0x390 [ 1210.712194] p9pdu_readf+0xadb/0x1d40 [ 1210.712529] ? pipe_poll+0x21b/0x7f0 [ 1210.712852] ? p9pdu_writef+0x100/0x100 [ 1210.713191] ? p9_fd_poll+0x1e0/0x2c0 [ 1210.713520] ? p9_fd_create+0x357/0x4a0 [ 1210.713859] ? p9_conn_create+0x510/0x510 [ 1210.714211] ? p9_client_create+0x798/0x11c0 [ 1210.714584] ? kfree+0xd7/0x340 [ 1210.714873] p9_client_create+0xaee/0x11c0 [ 1210.715239] ? p9_client_flush+0x430/0x430 [ 1210.715601] ? trace_hardirqs_on+0x5b/0x180 [ 1210.715972] ? lockdep_init_map_type+0x2c7/0x780 [ 1210.716404] ? __raw_spin_lock_init+0x36/0x110 [ 1210.716796] v9fs_session_init+0x1dd/0x1680 [ 1210.717159] ? lock_release+0x680/0x680 [ 1210.717498] ? kmem_cache_alloc_trace+0x151/0x320 [ 1210.717906] ? v9fs_show_options+0x690/0x690 [ 1210.718281] ? trace_hardirqs_on+0x5b/0x180 [ 1210.718646] ? kasan_unpoison_shadow+0x33/0x50 [ 1210.719030] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1210.719460] v9fs_mount+0x79/0x8f0 [ 1210.719762] ? v9fs_write_inode+0x60/0x60 [ 1210.720122] legacy_get_tree+0x105/0x220 [ 1210.720485] vfs_get_tree+0x8e/0x300 [ 1210.720798] path_mount+0x1429/0x2120 [ 1210.721128] ? strncpy_from_user+0x9e/0x470 [ 1210.721491] ? finish_automount+0xa90/0xa90 [ 1210.721854] ? getname_flags.part.0+0x1dd/0x4f0 [ 1210.722245] ? _copy_from_user+0xfb/0x1b0 [ 1210.722598] __x64_sys_mount+0x282/0x300 [ 1210.722940] ? copy_mnt_ns+0xa00/0xa00 [ 1210.723270] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1210.723713] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1210.724163] do_syscall_64+0x33/0x40 [ 1210.724487] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1210.724918] RIP: 0033:0x7ff4194adb19 [ 1210.725236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1210.726772] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1210.727413] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1210.728011] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1210.728625] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1210.729221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1210.729820] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 1210.740727] FAULT_INJECTION: forcing a failure. [ 1210.740727] name failslab, interval 1, probability 0, space 0, times 0 [ 1210.741688] CPU: 0 PID: 20446 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1210.742269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1210.742968] Call Trace: [ 1210.743195] dump_stack+0x107/0x167 [ 1210.743505] should_fail.cold+0x5/0xa [ 1210.743830] ? create_object.isra.0+0x3a/0xa20 [ 1210.744241] should_failslab+0x5/0x20 [ 1210.744574] kmem_cache_alloc+0x5b/0x310 [ 1210.744921] ? cred_has_capability.isra.0+0x152/0x2b0 [ 1210.745362] create_object.isra.0+0x3a/0xa20 [ 1210.745736] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1210.746174] kmem_cache_alloc_trace+0x151/0x320 [ 1210.746574] ? v9fs_write_inode+0x60/0x60 [ 1210.746928] v9fs_mount+0x5a/0x8f0 [ 1210.747234] ? v9fs_write_inode+0x60/0x60 [ 1210.747587] legacy_get_tree+0x105/0x220 [ 1210.747935] vfs_get_tree+0x8e/0x300 [ 1210.748265] path_mount+0x1429/0x2120 [ 1210.748595] ? strncpy_from_user+0x9e/0x470 [ 1210.748962] ? finish_automount+0xa90/0xa90 [ 1210.749328] ? getname_flags.part.0+0x1dd/0x4f0 [ 1210.749724] ? _copy_from_user+0xfb/0x1b0 [ 1210.750079] __x64_sys_mount+0x282/0x300 [ 1210.750425] ? copy_mnt_ns+0xa00/0xa00 [ 1210.750762] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1210.751207] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1210.751645] do_syscall_64+0x33/0x40 [ 1210.751965] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1210.752418] RIP: 0033:0x7f78e3094b19 [ 1210.752737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1210.754289] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1210.754935] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1210.755537] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1210.756148] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1210.756759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1210.757367] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:06:26 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 48) 14:06:26 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xedc000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:26 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3f00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:26 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x33aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:26 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe798, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:26 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:26 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 15) 14:06:26 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x8cffffff, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:26 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe898, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:27 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe998, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:27 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x1000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:27 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:27 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x34aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1224.553930] FAULT_INJECTION: forcing a failure. [ 1224.553930] name failslab, interval 1, probability 0, space 0, times 0 [ 1224.555873] CPU: 0 PID: 21288 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1224.556571] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1224.557392] Call Trace: [ 1224.557664] dump_stack+0x107/0x167 [ 1224.558025] should_fail.cold+0x5/0xa [ 1224.558402] ? create_object.isra.0+0x3a/0xa20 [ 1224.558863] should_failslab+0x5/0x20 [ 1224.559254] kmem_cache_alloc+0x5b/0x310 [ 1224.559662] create_object.isra.0+0x3a/0xa20 [ 1224.560089] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1224.560606] __kmalloc+0x16e/0x390 [ 1224.560958] p9pdu_readf+0xadb/0x1d40 [ 1224.561327] ? pipe_poll+0x21b/0x7f0 [ 1224.561707] ? p9pdu_writef+0x100/0x100 [ 1224.562101] ? p9_fd_poll+0x1e0/0x2c0 [ 1224.562485] ? p9_fd_create+0x357/0x4a0 [ 1224.562881] ? p9_conn_create+0x510/0x510 [ 1224.563292] ? p9_client_create+0x798/0x11c0 [ 1224.563744] ? kfree+0xd7/0x340 [ 1224.564098] p9_client_create+0xaee/0x11c0 [ 1224.564538] ? p9_client_flush+0x430/0x430 [ 1224.564959] ? trace_hardirqs_on+0x5b/0x180 [ 1224.565399] ? lockdep_init_map_type+0x2c7/0x780 [ 1224.565873] ? __raw_spin_lock_init+0x36/0x110 [ 1224.566335] v9fs_session_init+0x1dd/0x1680 [ 1224.566766] ? lock_release+0x680/0x680 [ 1224.567167] ? kmem_cache_alloc_trace+0x151/0x320 [ 1224.567638] ? v9fs_show_options+0x690/0x690 [ 1224.568063] ? trace_hardirqs_on+0x5b/0x180 [ 1224.568498] ? kasan_unpoison_shadow+0x33/0x50 [ 1224.568938] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1224.569439] v9fs_mount+0x79/0x8f0 [ 1224.569786] ? v9fs_write_inode+0x60/0x60 [ 1224.570201] legacy_get_tree+0x105/0x220 [ 1224.570609] vfs_get_tree+0x8e/0x300 [ 1224.570964] path_mount+0x1429/0x2120 [ 1224.571343] ? strncpy_from_user+0x9e/0x470 [ 1224.571769] ? finish_automount+0xa90/0xa90 [ 1224.571971] FAULT_INJECTION: forcing a failure. [ 1224.571971] name failslab, interval 1, probability 0, space 0, times 0 [ 1224.572181] ? getname_flags.part.0+0x1dd/0x4f0 [ 1224.572200] ? _copy_from_user+0xfb/0x1b0 [ 1224.574124] __x64_sys_mount+0x282/0x300 [ 1224.574510] ? copy_mnt_ns+0xa00/0xa00 [ 1224.574916] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1224.575442] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1224.575935] do_syscall_64+0x33/0x40 [ 1224.576307] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1224.576800] RIP: 0033:0x7ff4194adb19 [ 1224.577161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1224.578919] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1224.579664] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1224.580393] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1224.581070] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1224.581760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1224.582421] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 1224.583105] CPU: 1 PID: 21303 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1224.583822] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1224.584655] Call Trace: [ 1224.584909] dump_stack+0x107/0x167 [ 1224.585249] should_fail.cold+0x5/0xa [ 1224.585671] should_failslab+0x5/0x20 [ 1224.586031] __kmalloc_track_caller+0x79/0x370 [ 1224.586462] ? v9fs_session_init+0xa7/0x1680 [ 1224.586948] ? kernel_text_address+0xf2/0x120 [ 1224.587373] kstrdup+0x36/0x70 [ 1224.587730] v9fs_session_init+0xa7/0x1680 [ 1224.588136] ? lock_release+0x680/0x680 [ 1224.588525] ? find_held_lock+0x2c/0x110 [ 1224.588958] ? kmem_cache_alloc_trace+0x151/0x320 [ 1224.589412] ? v9fs_show_options+0x690/0x690 [ 1224.589876] ? trace_hardirqs_on+0x5b/0x180 [ 1224.590285] ? kasan_unpoison_shadow+0x33/0x50 [ 1224.590800] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1224.591297] v9fs_mount+0x79/0x8f0 [ 1224.591670] ? v9fs_write_inode+0x60/0x60 [ 1224.592050] legacy_get_tree+0x105/0x220 [ 1224.592464] vfs_get_tree+0x8e/0x300 [ 1224.592868] path_mount+0x1429/0x2120 [ 1224.593231] ? strncpy_from_user+0x9e/0x470 [ 1224.593697] ? finish_automount+0xa90/0xa90 [ 1224.594111] ? getname_flags.part.0+0x1dd/0x4f0 [ 1224.594624] ? _copy_from_user+0xfb/0x1b0 [ 1224.595033] __x64_sys_mount+0x282/0x300 [ 1224.595420] ? copy_mnt_ns+0xa00/0xa00 [ 1224.595840] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1224.596354] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1224.596898] do_syscall_64+0x33/0x40 [ 1224.597251] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1224.597787] RIP: 0033:0x7f78e3094b19 [ 1224.598153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1224.600001] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1224.600815] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1224.601494] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1224.602207] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1224.602963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1224.603701] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:06:40 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:40 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x35aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:40 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:40 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xea98, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:40 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 49) 14:06:40 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xc0ed0000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:40 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 16) 14:06:40 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x8000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:40 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xeb98, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:40 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4084, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:40 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x36aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:40 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xec98, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:40 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:40 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 17) 14:06:40 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 50) [ 1224.773265] FAULT_INJECTION: forcing a failure. [ 1224.773265] name failslab, interval 1, probability 0, space 0, times 0 [ 1224.774369] CPU: 0 PID: 21782 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1224.775041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1224.775849] Call Trace: [ 1224.776120] dump_stack+0x107/0x167 [ 1224.776488] should_fail.cold+0x5/0xa [ 1224.776874] ? create_object.isra.0+0x3a/0xa20 [ 1224.777321] should_failslab+0x5/0x20 [ 1224.777701] kmem_cache_alloc+0x5b/0x310 [ 1224.778117] create_object.isra.0+0x3a/0xa20 [ 1224.778574] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1224.779084] __kmalloc_track_caller+0x177/0x370 [ 1224.779559] ? v9fs_session_init+0xa7/0x1680 [ 1224.779980] ? kernel_text_address+0xf2/0x120 [ 1224.780423] kstrdup+0x36/0x70 [ 1224.780743] v9fs_session_init+0xa7/0x1680 [ 1224.781160] ? lock_release+0x680/0x680 [ 1224.781541] ? find_held_lock+0x2c/0x110 [ 1224.781934] ? kmem_cache_alloc_trace+0x151/0x320 [ 1224.782399] ? v9fs_show_options+0x690/0x690 [ 1224.782826] ? trace_hardirqs_on+0x5b/0x180 [ 1224.783247] ? kasan_unpoison_shadow+0x33/0x50 [ 1224.783691] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1224.784199] v9fs_mount+0x79/0x8f0 [ 1224.784562] ? v9fs_write_inode+0x60/0x60 [ 1224.784962] legacy_get_tree+0x105/0x220 [ 1224.785361] vfs_get_tree+0x8e/0x300 [ 1224.785723] path_mount+0x1429/0x2120 [ 1224.786100] ? strncpy_from_user+0x9e/0x470 [ 1224.786516] ? finish_automount+0xa90/0xa90 [ 1224.786939] ? getname_flags.part.0+0x1dd/0x4f0 [ 1224.787396] ? _copy_from_user+0xfb/0x1b0 [ 1224.787795] __x64_sys_mount+0x282/0x300 [ 1224.788184] ? copy_mnt_ns+0xa00/0xa00 [ 1224.788593] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1224.789106] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1224.789607] do_syscall_64+0x33/0x40 [ 1224.789965] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1224.790463] RIP: 0033:0x7f78e3094b19 [ 1224.790841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1224.792602] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1224.793324] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1224.794009] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1224.794698] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1224.795406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1224.796085] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:06:41 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x100000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:41 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xed98, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:41 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x37aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:41 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6dd, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1224.901816] FAULT_INJECTION: forcing a failure. [ 1224.901816] name failslab, interval 1, probability 0, space 0, times 0 [ 1224.903157] CPU: 0 PID: 22066 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1224.903804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1224.904590] Call Trace: [ 1224.904844] dump_stack+0x107/0x167 [ 1224.905192] should_fail.cold+0x5/0xa [ 1224.905575] ? create_object.isra.0+0x3a/0xa20 [ 1224.906012] should_failslab+0x5/0x20 [ 1224.906374] kmem_cache_alloc+0x5b/0x310 [ 1224.906761] create_object.isra.0+0x3a/0xa20 [ 1224.907179] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1224.907660] kmem_cache_alloc+0x159/0x310 [ 1224.908054] kmem_cache_create_usercopy+0x190/0x2f0 [ 1224.908546] p9_client_create+0xc2b/0x11c0 [ 1224.908951] ? p9_client_flush+0x430/0x430 [ 1224.909349] ? trace_hardirqs_on+0x5b/0x180 [ 1224.909758] ? lockdep_init_map_type+0x2c7/0x780 [ 1224.910206] ? __raw_spin_lock_init+0x36/0x110 [ 1224.910663] v9fs_session_init+0x1dd/0x1680 [ 1224.911068] ? lock_release+0x680/0x680 [ 1224.911426] ? kmem_cache_alloc_trace+0x151/0x320 [ 1224.911862] ? v9fs_show_options+0x690/0x690 [ 1224.912298] ? trace_hardirqs_on+0x5b/0x180 [ 1224.912725] ? kasan_unpoison_shadow+0x33/0x50 [ 1224.913171] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1224.913678] v9fs_mount+0x79/0x8f0 [ 1224.914034] ? v9fs_write_inode+0x60/0x60 [ 1224.914458] legacy_get_tree+0x105/0x220 [ 1224.914851] vfs_get_tree+0x8e/0x300 [ 1224.915216] path_mount+0x1429/0x2120 [ 1224.915597] ? strncpy_from_user+0x9e/0x470 [ 1224.916021] ? finish_automount+0xa90/0xa90 [ 1224.916455] ? getname_flags.part.0+0x1dd/0x4f0 [ 1224.916927] ? _copy_from_user+0xfb/0x1b0 [ 1224.917336] __x64_sys_mount+0x282/0x300 [ 1224.917731] ? copy_mnt_ns+0xa00/0xa00 [ 1224.918121] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1224.918642] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1224.919173] do_syscall_64+0x33/0x40 [ 1224.919539] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1224.920032] RIP: 0033:0x7ff4194adb19 [ 1224.920400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1224.922182] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1224.922924] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1224.923610] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1224.924289] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1224.924977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1224.925662] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:06:56 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xf6ffffff, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:56 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6de, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:56 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 51) 14:06:56 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xedc0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:56 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:56 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x200000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:56 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 18) 14:06:56 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x38aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1239.963780] FAULT_INJECTION: forcing a failure. [ 1239.963780] name failslab, interval 1, probability 0, space 0, times 0 [ 1239.964720] CPU: 0 PID: 22552 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1239.965269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1239.965941] Call Trace: [ 1239.966169] FAULT_INJECTION: forcing a failure. [ 1239.966169] name failslab, interval 1, probability 0, space 0, times 0 [ 1239.966184] dump_stack+0x107/0x167 [ 1239.966202] should_fail.cold+0x5/0xa [ 1239.967881] should_failslab+0x5/0x20 [ 1239.968191] __kmalloc_track_caller+0x79/0x370 [ 1239.968576] ? v9fs_session_init+0xe9/0x1680 [ 1239.968931] ? kernel_text_address+0xf2/0x120 [ 1239.969295] kstrdup+0x36/0x70 [ 1239.969556] v9fs_session_init+0xe9/0x1680 [ 1239.969898] ? lock_release+0x680/0x680 [ 1239.970217] ? find_held_lock+0x2c/0x110 [ 1239.970548] ? kmem_cache_alloc_trace+0x151/0x320 [ 1239.970936] ? v9fs_show_options+0x690/0x690 [ 1239.971295] ? trace_hardirqs_on+0x5b/0x180 [ 1239.971646] ? kasan_unpoison_shadow+0x33/0x50 [ 1239.972013] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1239.972424] v9fs_mount+0x79/0x8f0 [ 1239.972733] ? v9fs_write_inode+0x60/0x60 [ 1239.973068] legacy_get_tree+0x105/0x220 [ 1239.973398] vfs_get_tree+0x8e/0x300 [ 1239.973699] path_mount+0x1429/0x2120 [ 1239.974009] ? strncpy_from_user+0x9e/0x470 [ 1239.974355] ? finish_automount+0xa90/0xa90 [ 1239.974701] ? getname_flags.part.0+0x1dd/0x4f0 [ 1239.975078] ? _copy_from_user+0xfb/0x1b0 [ 1239.975417] __x64_sys_mount+0x282/0x300 [ 1239.975743] ? copy_mnt_ns+0xa00/0xa00 [ 1239.976057] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1239.976486] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1239.976907] do_syscall_64+0x33/0x40 [ 1239.977207] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1239.977617] RIP: 0033:0x7f78e3094b19 [ 1239.977916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1239.979374] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1239.979982] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1239.980574] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1239.981142] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1239.981710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1239.982277] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1239.982868] CPU: 1 PID: 22561 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1239.983479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1239.984279] Call Trace: [ 1239.984538] dump_stack+0x107/0x167 [ 1239.985044] should_fail.cold+0x5/0xa [ 1239.985388] ? __kmem_cache_create+0x10e/0x520 [ 1239.985884] should_failslab+0x5/0x20 [ 1239.986442] kmem_cache_alloc_node+0x55/0x330 [ 1239.986961] __kmem_cache_create+0x10e/0x520 [ 1239.987352] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1239.987889] p9_client_create+0xc2b/0x11c0 [ 1239.988271] ? p9_client_flush+0x430/0x430 [ 1239.988779] ? trace_hardirqs_on+0x5b/0x180 [ 1239.989166] ? lockdep_init_map_type+0x2c7/0x780 [ 1239.989637] ? __raw_spin_lock_init+0x36/0x110 [ 1239.990092] v9fs_session_init+0x1dd/0x1680 [ 1239.990475] ? lock_release+0x680/0x680 [ 1239.990925] ? kmem_cache_alloc_trace+0x151/0x320 [ 1239.991357] ? v9fs_show_options+0x690/0x690 [ 1239.991878] ? trace_hardirqs_on+0x5b/0x180 [ 1239.992268] ? kasan_unpoison_shadow+0x33/0x50 [ 1239.992817] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1239.993279] v9fs_mount+0x79/0x8f0 [ 1239.993653] ? v9fs_write_inode+0x60/0x60 [ 1239.994075] legacy_get_tree+0x105/0x220 [ 1239.994438] vfs_get_tree+0x8e/0x300 [ 1239.994860] path_mount+0x1429/0x2120 [ 1239.995204] ? strncpy_from_user+0x9e/0x470 [ 1239.995660] ? finish_automount+0xa90/0xa90 [ 1239.996092] ? getname_flags.part.0+0x1dd/0x4f0 [ 1239.996512] ? _copy_from_user+0xfb/0x1b0 [ 1239.997008] __x64_sys_mount+0x282/0x300 [ 1239.997367] ? copy_mnt_ns+0xa00/0xa00 [ 1239.997807] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1239.998269] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1239.998818] do_syscall_64+0x33/0x40 [ 1239.999151] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1239.999675] RIP: 0033:0x7ff4194adb19 [ 1240.000052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1240.001850] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1240.002517] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1240.003225] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1240.003934] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1240.004649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1240.005337] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 [ 1240.006124] kmem_cache_create(9p-fcall-cache) failed with error -22 [ 1240.006797] CPU: 1 PID: 22561 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1240.007392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1240.008197] Call Trace: [ 1240.008430] dump_stack+0x107/0x167 [ 1240.008920] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1240.009383] p9_client_create+0xc2b/0x11c0 [ 1240.009855] ? p9_client_flush+0x430/0x430 [ 1240.010230] ? trace_hardirqs_on+0x5b/0x180 [ 1240.011658] ? lockdep_init_map_type+0x2c7/0x780 [ 1240.012074] ? __raw_spin_lock_init+0x36/0x110 [ 1240.012491] v9fs_session_init+0x1dd/0x1680 [ 1240.012952] ? lock_release+0x680/0x680 [ 1240.013313] ? kmem_cache_alloc_trace+0x151/0x320 [ 1240.013783] ? v9fs_show_options+0x690/0x690 [ 1240.014176] ? trace_hardirqs_on+0x5b/0x180 [ 1240.014608] ? kasan_unpoison_shadow+0x33/0x50 [ 1240.015012] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1240.015456] v9fs_mount+0x79/0x8f0 [ 1240.015824] ? v9fs_write_inode+0x60/0x60 [ 1240.016194] legacy_get_tree+0x105/0x220 [ 1240.018763] vfs_get_tree+0x8e/0x300 [ 1240.019094] path_mount+0x1429/0x2120 [ 1240.019435] ? strncpy_from_user+0x9e/0x470 [ 1240.020076] ? finish_automount+0xa90/0xa90 [ 1240.020457] ? getname_flags.part.0+0x1dd/0x4f0 [ 1240.021283] ? _copy_from_user+0xfb/0x1b0 [ 1240.021885] __x64_sys_mount+0x282/0x300 [ 1240.022242] ? copy_mnt_ns+0xa00/0xa00 [ 1240.022635] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1240.023093] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1240.023587] do_syscall_64+0x33/0x40 [ 1240.023927] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1240.024377] RIP: 0033:0x7ff4194adb19 [ 1240.024760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1240.026363] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1240.027063] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1240.027722] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 14:06:56 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6df, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1240.028332] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1240.029006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1240.029664] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:06:56 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xee98, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:56 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:56 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x700000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:06:56 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xef98, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:10 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x10, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:10 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 19) 14:07:10 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf098, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:10 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xffff0000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:10 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x39aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:10 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6e0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:10 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x800000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:10 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 52) [ 1254.314997] FAULT_INJECTION: forcing a failure. [ 1254.314997] name failslab, interval 1, probability 0, space 0, times 0 [ 1254.316116] CPU: 0 PID: 23311 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1254.316751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1254.317494] Call Trace: [ 1254.317748] dump_stack+0x107/0x167 [ 1254.318090] should_fail.cold+0x5/0xa [ 1254.318452] should_failslab+0x5/0x20 [ 1254.318810] __kmalloc_track_caller+0x79/0x370 [ 1254.319233] ? v9fs_session_init+0xa7/0x1680 [ 1254.319642] ? kernel_text_address+0xf2/0x120 [ 1254.320063] kstrdup+0x36/0x70 [ 1254.320366] v9fs_session_init+0xa7/0x1680 [ 1254.320782] ? lock_release+0x680/0x680 [ 1254.321153] ? find_held_lock+0x2c/0x110 [ 1254.321537] ? kmem_cache_alloc_trace+0x151/0x320 [ 1254.321987] ? v9fs_show_options+0x690/0x690 [ 1254.322402] ? trace_hardirqs_on+0x5b/0x180 [ 1254.322804] ? kasan_unpoison_shadow+0x33/0x50 [ 1254.323243] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1254.323715] v9fs_mount+0x79/0x8f0 [ 1254.324057] ? v9fs_write_inode+0x60/0x60 [ 1254.324447] legacy_get_tree+0x105/0x220 [ 1254.324835] vfs_get_tree+0x8e/0x300 [ 1254.325196] path_mount+0x1429/0x2120 [ 1254.325553] ? strncpy_from_user+0x9e/0x470 [ 1254.325953] ? finish_automount+0xa90/0xa90 [ 1254.326367] ? getname_flags.part.0+0x1dd/0x4f0 [ 1254.326764] FAULT_INJECTION: forcing a failure. [ 1254.326764] name failslab, interval 1, probability 0, space 0, times 0 [ 1254.327697] ? _copy_from_user+0xfb/0x1b0 [ 1254.327719] __x64_sys_mount+0x282/0x300 [ 1254.327732] ? copy_mnt_ns+0xa00/0xa00 [ 1254.327748] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1254.333215] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1254.333657] do_syscall_64+0x33/0x40 [ 1254.333972] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1254.334403] RIP: 0033:0x7f78e3094b19 [ 1254.334723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1254.336251] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1254.336908] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1254.337505] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1254.338109] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1254.338705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1254.339315] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1254.339938] CPU: 1 PID: 23315 Comm: syz-executor.6 Not tainted 5.10.223 #1 [ 1254.340573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1254.341332] Call Trace: [ 1254.341581] dump_stack+0x107/0x167 [ 1254.341921] should_fail.cold+0x5/0xa [ 1254.342289] ? create_object.isra.0+0x3a/0xa20 [ 1254.342715] should_failslab+0x5/0x20 [ 1254.343076] kmem_cache_alloc+0x5b/0x310 [ 1254.343456] create_object.isra.0+0x3a/0xa20 [ 1254.343863] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1254.344341] kmem_cache_alloc_node+0x169/0x330 [ 1254.344780] __kmem_cache_create+0x10e/0x520 [ 1254.345202] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1254.345668] p9_client_create+0xc2b/0x11c0 [ 1254.346068] ? p9_client_flush+0x430/0x430 [ 1254.346470] ? trace_hardirqs_on+0x5b/0x180 [ 1254.346872] ? lockdep_init_map_type+0x2c7/0x780 [ 1254.347322] ? __raw_spin_lock_init+0x36/0x110 [ 1254.347746] v9fs_session_init+0x1dd/0x1680 [ 1254.348147] ? lock_release+0x680/0x680 [ 1254.348534] ? kmem_cache_alloc_trace+0x151/0x320 [ 1254.348983] ? v9fs_show_options+0x690/0x690 [ 1254.349395] ? trace_hardirqs_on+0x5b/0x180 [ 1254.349797] ? kasan_unpoison_shadow+0x33/0x50 [ 1254.350219] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1254.350694] v9fs_mount+0x79/0x8f0 [ 1254.351029] ? v9fs_write_inode+0x60/0x60 [ 1254.351416] legacy_get_tree+0x105/0x220 [ 1254.351799] vfs_get_tree+0x8e/0x300 [ 1254.352149] path_mount+0x1429/0x2120 [ 1254.352505] ? strncpy_from_user+0x9e/0x470 [ 1254.352919] ? finish_automount+0xa90/0xa90 [ 1254.353315] ? getname_flags.part.0+0x1dd/0x4f0 [ 1254.353747] ? _copy_from_user+0xfb/0x1b0 [ 1254.354136] __x64_sys_mount+0x282/0x300 [ 1254.354512] ? copy_mnt_ns+0xa00/0xa00 [ 1254.354885] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1254.355370] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1254.355850] do_syscall_64+0x33/0x40 [ 1254.356194] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1254.356668] RIP: 0033:0x7ff4194adb19 [ 1254.357020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1254.358660] RSP: 002b:00007ff416a23188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1254.359354] RAX: ffffffffffffffda RBX: 00007ff4195c0f60 RCX: 00007ff4194adb19 [ 1254.360005] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1254.360655] RBP: 00007ff416a231d0 R08: 0000000020000140 R09: 0000000000000000 [ 1254.361304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1254.361946] R13: 00007ffd3702dc0f R14: 00007ff416a23300 R15: 0000000000022000 14:07:10 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf198, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:10 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 20) 14:07:10 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x900000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1254.537081] FAULT_INJECTION: forcing a failure. [ 1254.537081] name failslab, interval 1, probability 0, space 0, times 0 [ 1254.538237] CPU: 1 PID: 23845 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1254.538863] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1254.539618] Call Trace: [ 1254.539875] dump_stack+0x107/0x167 [ 1254.540225] should_fail.cold+0x5/0xa [ 1254.540585] ? p9_client_create+0xaf/0x11c0 [ 1254.540993] should_failslab+0x5/0x20 [ 1254.541350] kmem_cache_alloc_trace+0x55/0x320 [ 1254.541778] ? find_held_lock+0x2c/0x110 [ 1254.542166] p9_client_create+0xaf/0x11c0 [ 1254.542549] ? lock_downgrade+0x6d0/0x6d0 [ 1254.542935] ? p9_client_flush+0x430/0x430 [ 1254.543334] ? trace_hardirqs_on+0x5b/0x180 [ 1254.543742] ? lockdep_init_map_type+0x2c7/0x780 [ 1254.544183] ? __raw_spin_lock_init+0x36/0x110 [ 1254.544625] v9fs_session_init+0x1dd/0x1680 [ 1254.545024] ? lock_release+0x680/0x680 [ 1254.545406] ? kmem_cache_alloc_trace+0x151/0x320 [ 1254.545844] ? v9fs_show_options+0x690/0x690 [ 1254.546253] ? trace_hardirqs_on+0x5b/0x180 [ 1254.546663] ? kasan_unpoison_shadow+0x33/0x50 [ 1254.547074] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1254.547544] v9fs_mount+0x79/0x8f0 [ 1254.547878] ? v9fs_write_inode+0x60/0x60 [ 1254.548261] legacy_get_tree+0x105/0x220 [ 1254.548660] vfs_get_tree+0x8e/0x300 [ 1254.549007] path_mount+0x1429/0x2120 [ 1254.549368] ? strncpy_from_user+0x9e/0x470 [ 1254.549773] ? finish_automount+0xa90/0xa90 [ 1254.550171] ? getname_flags.part.0+0x1dd/0x4f0 [ 1254.550624] ? _copy_from_user+0xfb/0x1b0 [ 1254.551014] __x64_sys_mount+0x282/0x300 [ 1254.551388] ? copy_mnt_ns+0xa00/0xa00 [ 1254.551762] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1254.552244] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1254.552738] do_syscall_64+0x33/0x40 [ 1254.553081] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1254.553545] RIP: 0033:0x7f78e3094b19 [ 1254.553892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1254.555522] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1254.556212] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1254.556864] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1254.557519] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1254.558171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1254.558814] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:07:25 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xa00000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:25 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6e1, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:25 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf298, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:25 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 21) 14:07:25 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2e, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:25 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 53) 14:07:25 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3a01, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:25 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xffffff8c, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:25 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf398, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1269.127558] FAULT_INJECTION: forcing a failure. [ 1269.127558] name failslab, interval 1, probability 0, space 0, times 0 [ 1269.130297] CPU: 0 PID: 23963 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1269.131926] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1269.133882] Call Trace: [ 1269.134500] dump_stack+0x107/0x167 [ 1269.135350] should_fail.cold+0x5/0xa [ 1269.136251] ? create_object.isra.0+0x3a/0xa20 [ 1269.137324] should_failslab+0x5/0x20 [ 1269.138222] kmem_cache_alloc+0x5b/0x310 [ 1269.139181] ? kernel_text_address+0xf2/0x120 [ 1269.140216] create_object.isra.0+0x3a/0xa20 [ 1269.141220] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1269.142362] kmem_cache_alloc_trace+0x151/0x320 [ 1269.143418] p9_client_create+0xaf/0x11c0 [ 1269.144362] ? lock_downgrade+0x6d0/0x6d0 [ 1269.145312] ? p9_client_flush+0x430/0x430 [ 1269.146271] ? trace_hardirqs_on+0x5b/0x180 [ 1269.147231] ? lockdep_init_map_type+0x2c7/0x780 [ 1269.148337] ? __raw_spin_lock_init+0x36/0x110 [ 1269.149431] v9fs_session_init+0x1dd/0x1680 [ 1269.150407] ? lock_release+0x680/0x680 [ 1269.151309] ? kmem_cache_alloc_trace+0x151/0x320 [ 1269.152406] ? v9fs_show_options+0x690/0x690 [ 1269.153411] ? trace_hardirqs_on+0x5b/0x180 [ 1269.154385] ? kasan_unpoison_shadow+0x33/0x50 [ 1269.155410] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1269.156561] v9fs_mount+0x79/0x8f0 [ 1269.157378] ? v9fs_write_inode+0x60/0x60 [ 1269.158332] legacy_get_tree+0x105/0x220 [ 1269.159258] vfs_get_tree+0x8e/0x300 [ 1269.160096] path_mount+0x1429/0x2120 [ 1269.160950] ? strncpy_from_user+0x9e/0x470 [ 1269.161921] ? finish_automount+0xa90/0xa90 [ 1269.162895] ? getname_flags.part.0+0x1dd/0x4f0 [ 1269.163956] ? _copy_from_user+0xfb/0x1b0 [ 1269.164907] __x64_sys_mount+0x282/0x300 [ 1269.165829] ? copy_mnt_ns+0xa00/0xa00 [ 1269.166705] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1269.167896] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1269.169067] do_syscall_64+0x33/0x40 [ 1269.169912] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1269.171063] RIP: 0033:0x7f78e3094b19 [ 1269.171941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1269.176136] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1269.177858] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1269.179453] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1269.181078] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1269.182671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1269.184278] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:07:25 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3aaa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:25 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6e2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:25 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xb00000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:25 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf498, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:25 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:25 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x13a, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:25 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xfffffff6, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:39 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 22) 14:07:39 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6e3, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:39 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xedc000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:39 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3baa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:39 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf598, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:39 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x1000000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:39 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x300, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:39 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:39 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf698, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1283.333325] FAULT_INJECTION: forcing a failure. [ 1283.333325] name failslab, interval 1, probability 0, space 0, times 0 [ 1283.334363] CPU: 1 PID: 25195 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1283.334957] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1283.335685] Call Trace: [ 1283.335925] dump_stack+0x107/0x167 [ 1283.336238] should_fail.cold+0x5/0xa [ 1283.336575] should_failslab+0x5/0x20 [ 1283.336908] __kmalloc_track_caller+0x79/0x370 [ 1283.337317] ? p9_client_create+0x41d/0x11c0 [ 1283.337709] kstrdup+0x36/0x70 [ 1283.337992] p9_client_create+0x41d/0x11c0 [ 1283.338367] ? lock_downgrade+0x6d0/0x6d0 [ 1283.338733] ? p9_client_flush+0x430/0x430 [ 1283.339102] ? trace_hardirqs_on+0x5b/0x180 [ 1283.339479] ? lockdep_init_map_type+0x2c7/0x780 [ 1283.339896] ? __raw_spin_lock_init+0x36/0x110 [ 1283.340291] v9fs_session_init+0x1dd/0x1680 [ 1283.340666] ? lock_release+0x680/0x680 [ 1283.341039] ? kmem_cache_alloc_trace+0x151/0x320 [ 1283.341453] ? v9fs_show_options+0x690/0x690 [ 1283.341832] ? trace_hardirqs_on+0x5b/0x180 [ 1283.342208] ? kasan_unpoison_shadow+0x33/0x50 [ 1283.342603] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1283.343044] v9fs_mount+0x79/0x8f0 [ 1283.343354] ? v9fs_write_inode+0x60/0x60 [ 1283.343711] legacy_get_tree+0x105/0x220 [ 1283.344064] vfs_get_tree+0x8e/0x300 [ 1283.344383] path_mount+0x1429/0x2120 [ 1283.344717] ? strncpy_from_user+0x9e/0x470 [ 1283.345110] ? finish_automount+0xa90/0xa90 [ 1283.345485] ? getname_flags.part.0+0x1dd/0x4f0 [ 1283.345889] ? _copy_from_user+0xfb/0x1b0 [ 1283.346250] __x64_sys_mount+0x282/0x300 [ 1283.346600] ? copy_mnt_ns+0xa00/0xa00 [ 1283.346939] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1283.347394] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1283.347837] do_syscall_64+0x33/0x40 [ 1283.348158] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1283.348594] RIP: 0033:0x7f78e3094b19 [ 1283.348919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1283.350510] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1283.351166] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1283.351775] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1283.352381] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1283.352992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1283.353600] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:07:39 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:39 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf798, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:39 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x500, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:39 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3caa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:39 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2000000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:39 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x1000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:39 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6e4, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:39 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 23) [ 1283.608506] FAULT_INJECTION: forcing a failure. [ 1283.608506] name failslab, interval 1, probability 0, space 0, times 0 [ 1283.609645] CPU: 1 PID: 26324 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1283.610224] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1283.610930] Call Trace: [ 1283.611162] dump_stack+0x107/0x167 [ 1283.611479] should_fail.cold+0x5/0xa [ 1283.611814] ? create_object.isra.0+0x3a/0xa20 [ 1283.612209] should_failslab+0x5/0x20 [ 1283.612538] kmem_cache_alloc+0x5b/0x310 [ 1283.612890] ? lock_downgrade+0x6d0/0x6d0 [ 1283.613263] create_object.isra.0+0x3a/0xa20 [ 1283.613641] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1283.614075] __kmalloc_track_caller+0x177/0x370 [ 1283.614474] ? p9_client_create+0x41d/0x11c0 [ 1283.614854] kstrdup+0x36/0x70 [ 1283.615130] p9_client_create+0x41d/0x11c0 [ 1283.615493] ? lock_downgrade+0x6d0/0x6d0 [ 1283.615854] ? p9_client_flush+0x430/0x430 [ 1283.616219] ? trace_hardirqs_on+0x5b/0x180 [ 1283.616593] ? lockdep_init_map_type+0x2c7/0x780 [ 1283.617010] ? __raw_spin_lock_init+0x36/0x110 [ 1283.617412] v9fs_session_init+0x1dd/0x1680 [ 1283.617787] ? lock_release+0x680/0x680 [ 1283.618136] ? kmem_cache_alloc_trace+0x151/0x320 [ 1283.618553] ? v9fs_show_options+0x690/0x690 [ 1283.618939] ? trace_hardirqs_on+0x5b/0x180 [ 1283.619315] ? kasan_unpoison_shadow+0x33/0x50 [ 1283.619712] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1283.620149] v9fs_mount+0x79/0x8f0 [ 1283.620458] ? v9fs_write_inode+0x60/0x60 [ 1283.620815] legacy_get_tree+0x105/0x220 [ 1283.621180] vfs_get_tree+0x8e/0x300 [ 1283.621502] path_mount+0x1429/0x2120 [ 1283.621834] ? strncpy_from_user+0x9e/0x470 [ 1283.622200] ? finish_automount+0xa90/0xa90 [ 1283.622571] ? getname_flags.part.0+0x1dd/0x4f0 [ 1283.622970] ? _copy_from_user+0xfb/0x1b0 [ 1283.623327] __x64_sys_mount+0x282/0x300 [ 1283.623673] ? copy_mnt_ns+0xa00/0xa00 [ 1283.624011] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1283.624466] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1283.624913] do_syscall_64+0x33/0x40 [ 1283.625252] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1283.625690] RIP: 0033:0x7f78e3094b19 [ 1283.626008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1283.627566] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1283.628214] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1283.628817] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1283.629441] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1283.630046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1283.630656] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:07:53 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 24) 14:07:53 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf898, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:53 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6e5, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:53 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x8000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:53 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:53 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3daa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:53 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2010000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:53 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x600, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1297.757777] FAULT_INJECTION: forcing a failure. [ 1297.757777] name failslab, interval 1, probability 0, space 0, times 0 [ 1297.759801] CPU: 1 PID: 26391 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1297.760440] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1297.761278] Call Trace: [ 1297.761512] dump_stack+0x107/0x167 [ 1297.761943] should_fail.cold+0x5/0xa [ 1297.762356] should_failslab+0x5/0x20 [ 1297.762805] __kmalloc_track_caller+0x79/0x370 [ 1297.763246] ? p9_client_create+0x51e/0x11c0 [ 1297.763709] kmemdup_nul+0x2d/0xa0 [ 1297.764026] p9_client_create+0x51e/0x11c0 [ 1297.766429] ? p9_client_flush+0x430/0x430 [ 1297.766889] ? trace_hardirqs_on+0x5b/0x180 [ 1297.767316] ? lockdep_init_map_type+0x2c7/0x780 [ 1297.767844] ? __raw_spin_lock_init+0x36/0x110 [ 1297.768289] v9fs_session_init+0x1dd/0x1680 [ 1297.768752] ? lock_release+0x680/0x680 [ 1297.769096] ? kmem_cache_alloc_trace+0x151/0x320 [ 1297.769611] ? v9fs_show_options+0x690/0x690 [ 1297.771898] ? trace_hardirqs_on+0x5b/0x180 [ 1297.772317] ? kasan_unpoison_shadow+0x33/0x50 [ 1297.772805] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1297.773357] v9fs_mount+0x79/0x8f0 [ 1297.773758] ? v9fs_write_inode+0x60/0x60 [ 1297.774121] legacy_get_tree+0x105/0x220 [ 1297.774835] vfs_get_tree+0x8e/0x300 [ 1297.775230] path_mount+0x1429/0x2120 [ 1297.775634] ? strncpy_from_user+0x9e/0x470 [ 1297.776054] ? finish_automount+0xa90/0xa90 [ 1297.776478] ? getname_flags.part.0+0x1dd/0x4f0 [ 1297.776993] ? _copy_from_user+0xfb/0x1b0 [ 1297.777432] __x64_sys_mount+0x282/0x300 [ 1297.777869] ? copy_mnt_ns+0xa00/0xa00 [ 1297.778258] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1297.778796] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1297.779322] do_syscall_64+0x33/0x40 [ 1297.779760] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1297.780241] RIP: 0033:0x7f78e3094b19 [ 1297.780610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1297.782437] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1297.783246] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1297.783936] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1297.784655] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1297.785842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1297.787711] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:07:54 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf998, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:54 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x100000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:54 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xfa98, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:54 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x8cffffff00000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:54 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x5, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:54 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 25) 14:07:54 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x700, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:54 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6e6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:07:54 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3eaa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1298.001273] FAULT_INJECTION: forcing a failure. [ 1298.001273] name failslab, interval 1, probability 0, space 0, times 0 [ 1298.002476] CPU: 1 PID: 27131 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1298.003133] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1298.004022] Call Trace: [ 1298.004334] dump_stack+0x107/0x167 [ 1298.004688] should_fail.cold+0x5/0xa [ 1298.005061] ? create_object.isra.0+0x3a/0xa20 [ 1298.005564] should_failslab+0x5/0x20 [ 1298.005942] kmem_cache_alloc+0x5b/0x310 [ 1298.006404] create_object.isra.0+0x3a/0xa20 [ 1298.006847] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1298.008217] __kmalloc_track_caller+0x177/0x370 [ 1298.008712] ? p9_client_create+0x51e/0x11c0 [ 1298.009223] kmemdup_nul+0x2d/0xa0 [ 1298.009603] p9_client_create+0x51e/0x11c0 [ 1298.010049] ? p9_client_flush+0x430/0x430 [ 1298.011069] ? trace_hardirqs_on+0x5b/0x180 [ 1298.011645] ? lockdep_init_map_type+0x2c7/0x780 [ 1298.012184] ? __raw_spin_lock_init+0x36/0x110 [ 1298.012678] v9fs_session_init+0x1dd/0x1680 [ 1298.013126] ? lock_release+0x680/0x680 [ 1298.013608] ? kmem_cache_alloc_trace+0x151/0x320 [ 1298.014107] ? v9fs_show_options+0x690/0x690 [ 1298.014624] ? trace_hardirqs_on+0x5b/0x180 [ 1298.015078] ? kasan_unpoison_shadow+0x33/0x50 [ 1298.015629] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1298.016202] v9fs_mount+0x79/0x8f0 [ 1298.016581] ? v9fs_write_inode+0x60/0x60 [ 1298.017010] legacy_get_tree+0x105/0x220 [ 1298.017498] vfs_get_tree+0x8e/0x300 [ 1298.017895] path_mount+0x1429/0x2120 [ 1298.018349] ? strncpy_from_user+0x9e/0x470 [ 1298.018782] ? finish_automount+0xa90/0xa90 [ 1298.019311] ? getname_flags.part.0+0x1dd/0x4f0 [ 1298.019788] ? _copy_from_user+0xfb/0x1b0 [ 1298.020290] __x64_sys_mount+0x282/0x300 [ 1298.020708] ? copy_mnt_ns+0xa00/0xa00 [ 1298.021122] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1298.021712] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1298.022281] do_syscall_64+0x33/0x40 [ 1298.022692] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1298.023280] RIP: 0033:0x7f78e3094b19 [ 1298.023663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1298.025605] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1298.026316] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1298.026969] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1298.027686] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1298.028348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1298.028988] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:07:54 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xfb98, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:08 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 26) 14:08:08 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x200000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:08 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3f00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1311.836409] FAULT_INJECTION: forcing a failure. [ 1311.836409] name failslab, interval 1, probability 0, space 0, times 0 [ 1311.837419] CPU: 1 PID: 27671 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1311.838016] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1311.838732] Call Trace: [ 1311.838966] dump_stack+0x107/0x167 [ 1311.839277] should_fail.cold+0x5/0xa [ 1311.839609] should_failslab+0x5/0x20 [ 1311.839940] __kmalloc_track_caller+0x79/0x370 [ 1311.840331] ? p9_client_create+0x598/0x11c0 [ 1311.840705] ? kfree+0xd7/0x340 [ 1311.840992] kmemdup_nul+0x2d/0xa0 [ 1311.841304] p9_client_create+0x598/0x11c0 [ 1311.841679] ? p9_client_flush+0x430/0x430 [ 1311.842042] ? trace_hardirqs_on+0x5b/0x180 [ 1311.842413] ? lockdep_init_map_type+0x2c7/0x780 [ 1311.842820] ? __raw_spin_lock_init+0x36/0x110 [ 1311.843215] v9fs_session_init+0x1dd/0x1680 [ 1311.843582] ? lock_release+0x680/0x680 [ 1311.843928] ? kmem_cache_alloc_trace+0x151/0x320 [ 1311.844337] ? v9fs_show_options+0x690/0x690 [ 1311.844717] ? trace_hardirqs_on+0x5b/0x180 [ 1311.845088] ? kasan_unpoison_shadow+0x33/0x50 [ 1311.845495] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1311.845931] v9fs_mount+0x79/0x8f0 [ 1311.846238] ? v9fs_write_inode+0x60/0x60 [ 1311.846595] legacy_get_tree+0x105/0x220 [ 1311.846946] vfs_get_tree+0x8e/0x300 [ 1311.847265] path_mount+0x1429/0x2120 [ 1311.847596] ? strncpy_from_user+0x9e/0x470 [ 1311.847963] ? finish_automount+0xa90/0xa90 [ 1311.848331] ? getname_flags.part.0+0x1dd/0x4f0 [ 1311.848829] ? _copy_from_user+0xfb/0x1b0 14:08:08 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xfeff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:08 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xf6ffffff00000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6e7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:08 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x900, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:08 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1311.849187] __x64_sys_mount+0x282/0x300 [ 1311.849649] ? copy_mnt_ns+0xa00/0xa00 [ 1311.849983] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1311.850428] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1311.850866] do_syscall_64+0x33/0x40 [ 1311.851183] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1311.851621] RIP: 0033:0x7f78e3094b19 [ 1311.851940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1311.853523] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1311.854169] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1311.854771] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1311.855373] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1311.855976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1311.856576] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:08:08 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xff03, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:08 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 27) 14:08:08 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:08 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3faa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6e8, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1312.042176] FAULT_INJECTION: forcing a failure. [ 1312.042176] name failslab, interval 1, probability 0, space 0, times 0 [ 1312.043261] CPU: 1 PID: 28327 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1312.043839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1312.044536] Call Trace: [ 1312.044769] dump_stack+0x107/0x167 [ 1312.045087] should_fail.cold+0x5/0xa [ 1312.045431] ? create_object.isra.0+0x3a/0xa20 [ 1312.045824] should_failslab+0x5/0x20 [ 1312.046150] kmem_cache_alloc+0x5b/0x310 [ 1312.046498] ? match_token+0x316/0x570 [ 1312.046832] create_object.isra.0+0x3a/0xa20 [ 1312.047206] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1312.047640] __kmalloc_track_caller+0x177/0x370 [ 1312.048041] ? p9_client_create+0x598/0x11c0 [ 1312.048421] kmemdup_nul+0x2d/0xa0 [ 1312.048726] p9_client_create+0x598/0x11c0 [ 1312.049090] ? p9_client_flush+0x430/0x430 [ 1312.049470] ? trace_hardirqs_on+0x5b/0x180 [ 1312.049842] ? lockdep_init_map_type+0x2c7/0x780 [ 1312.050250] ? __raw_spin_lock_init+0x36/0x110 [ 1312.050642] v9fs_session_init+0x1dd/0x1680 [ 1312.051015] ? lock_release+0x680/0x680 [ 1312.051358] ? kmem_cache_alloc_trace+0x151/0x320 [ 1312.051766] ? v9fs_show_options+0x690/0x690 [ 1312.052145] ? trace_hardirqs_on+0x5b/0x180 [ 1312.052514] ? kasan_unpoison_shadow+0x33/0x50 [ 1312.052904] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1312.053382] v9fs_mount+0x79/0x8f0 [ 1312.053688] ? v9fs_write_inode+0x60/0x60 [ 1312.054044] legacy_get_tree+0x105/0x220 [ 1312.054390] vfs_get_tree+0x8e/0x300 [ 1312.054707] path_mount+0x1429/0x2120 [ 1312.055036] ? strncpy_from_user+0x9e/0x470 [ 1312.055404] ? finish_automount+0xa90/0xa90 [ 1312.055772] ? getname_flags.part.0+0x1dd/0x4f0 [ 1312.056168] ? _copy_from_user+0xfb/0x1b0 [ 1312.056526] __x64_sys_mount+0x282/0x300 [ 1312.056871] ? copy_mnt_ns+0xa00/0xa00 [ 1312.057209] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1312.057680] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1312.058118] do_syscall_64+0x33/0x40 [ 1312.058439] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1312.058875] RIP: 0033:0x7f78e3094b19 [ 1312.059195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1312.060742] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1312.061540] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1312.062771] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1312.064000] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1312.065220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1312.066774] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:08:28 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6e9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:28 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:28 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 28) 14:08:28 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xfffe, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:28 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xffff000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:28 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x700000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:28 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:28 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1331.978161] FAULT_INJECTION: forcing a failure. [ 1331.978161] name failslab, interval 1, probability 0, space 0, times 0 [ 1331.979278] CPU: 0 PID: 28620 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1331.979877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1331.980581] Call Trace: [ 1331.980814] dump_stack+0x107/0x167 [ 1331.981131] should_fail.cold+0x5/0xa [ 1331.981471] should_failslab+0x5/0x20 [ 1331.981818] __kmalloc_track_caller+0x79/0x370 [ 1331.982213] ? parse_opts.part.0+0x8e/0x340 [ 1331.982594] kstrdup+0x36/0x70 [ 1331.982872] parse_opts.part.0+0x8e/0x340 [ 1331.983231] ? p9_fd_show_options+0x1c0/0x1c0 [ 1331.983626] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1331.984077] ? quarantine_put+0x8b/0x1a0 [ 1331.984429] ? trace_hardirqs_on+0x5b/0x180 [ 1331.984803] ? kfree+0xd7/0x340 [ 1331.985094] p9_fd_create+0x98/0x4a0 [ 1331.985418] ? p9_conn_create+0x510/0x510 [ 1331.985795] ? p9_client_create+0x798/0x11c0 [ 1331.986174] ? kfree+0xd7/0x340 [ 1331.986471] p9_client_create+0x7ff/0x11c0 [ 1331.986840] ? p9_client_flush+0x430/0x430 [ 1331.987206] ? trace_hardirqs_on+0x5b/0x180 [ 1331.987581] ? lockdep_init_map_type+0x2c7/0x780 [ 1331.987995] ? __raw_spin_lock_init+0x36/0x110 [ 1331.988393] v9fs_session_init+0x1dd/0x1680 [ 1331.988766] ? lock_release+0x680/0x680 [ 1331.989115] ? kmem_cache_alloc_trace+0x151/0x320 [ 1331.989537] ? v9fs_show_options+0x690/0x690 [ 1331.989942] ? trace_hardirqs_on+0x5b/0x180 [ 1331.990312] ? kasan_unpoison_shadow+0x33/0x50 [ 1331.990703] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1331.991139] v9fs_mount+0x79/0x8f0 [ 1331.991445] ? v9fs_write_inode+0x60/0x60 [ 1331.991801] legacy_get_tree+0x105/0x220 [ 1331.992149] vfs_get_tree+0x8e/0x300 [ 1331.992466] path_mount+0x1429/0x2120 [ 1331.992795] ? strncpy_from_user+0x9e/0x470 [ 1331.993165] ? finish_automount+0xa90/0xa90 [ 1331.993544] ? getname_flags.part.0+0x1dd/0x4f0 [ 1331.993957] ? _copy_from_user+0xfb/0x1b0 [ 1331.994321] __x64_sys_mount+0x282/0x300 [ 1331.994670] ? copy_mnt_ns+0xa00/0xa00 [ 1331.995009] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1331.995464] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1331.995911] do_syscall_64+0x33/0x40 [ 1331.996233] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1331.996672] RIP: 0033:0x7f78e3094b19 [ 1331.996995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1331.998578] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1331.999230] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1331.999841] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1332.000453] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1332.001061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1332.001691] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1332.002351] 9pnet: Insufficient options for proto=fd 14:08:28 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x80000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:28 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:28 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4084, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:28 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1020, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:28 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:28 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 29) 14:08:28 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x22, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:28 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x800000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:28 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6ea, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1332.223743] 9pnet: Insufficient options for proto=fd [ 1332.271604] FAULT_INJECTION: forcing a failure. [ 1332.271604] name failslab, interval 1, probability 0, space 0, times 0 [ 1332.272635] CPU: 0 PID: 29561 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1332.273218] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1332.274676] Call Trace: [ 1332.275124] dump_stack+0x107/0x167 [ 1332.275744] should_fail.cold+0x5/0xa [ 1332.276405] should_failslab+0x5/0x20 [ 1332.277052] __kmalloc_track_caller+0x79/0x370 [ 1332.277691] ? parse_opts.part.0+0x8e/0x340 [ 1332.278070] kstrdup+0x36/0x70 [ 1332.278349] parse_opts.part.0+0x8e/0x340 [ 1332.278711] ? p9_fd_show_options+0x1c0/0x1c0 [ 1332.279102] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1332.279548] ? quarantine_put+0x8b/0x1a0 [ 1332.279893] ? trace_hardirqs_on+0x5b/0x180 [ 1332.280260] ? kfree+0xd7/0x340 [ 1332.280550] p9_fd_create+0x98/0x4a0 [ 1332.280870] ? p9_conn_create+0x510/0x510 [ 1332.281228] ? p9_client_create+0x798/0x11c0 [ 1332.281620] ? kfree+0xd7/0x340 [ 1332.281907] p9_client_create+0x7ff/0x11c0 [ 1332.282279] ? p9_client_flush+0x430/0x430 [ 1332.282639] ? trace_hardirqs_on+0x5b/0x180 [ 1332.283009] ? lockdep_init_map_type+0x2c7/0x780 [ 1332.283421] ? __raw_spin_lock_init+0x36/0x110 [ 1332.283815] v9fs_session_init+0x1dd/0x1680 [ 1332.284187] ? lock_release+0x680/0x680 [ 1332.284537] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1332.284998] ? trace_hardirqs_on+0x5b/0x180 [ 1332.285374] ? v9fs_show_options+0x690/0x690 [ 1332.285769] ? _raw_spin_unlock_irqrestore+0x25/0x40 [ 1332.286209] ? kasan_unpoison_shadow+0x33/0x50 [ 1332.286604] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1332.287037] v9fs_mount+0x79/0x8f0 [ 1332.287344] ? v9fs_write_inode+0x60/0x60 [ 1332.287704] legacy_get_tree+0x105/0x220 [ 1332.288057] vfs_get_tree+0x8e/0x300 [ 1332.288377] path_mount+0x1429/0x2120 [ 1332.288709] ? strncpy_from_user+0x9e/0x470 [ 1332.289081] ? finish_automount+0xa90/0xa90 [ 1332.289453] ? getname_flags.part.0+0x1dd/0x4f0 [ 1332.289865] ? _copy_from_user+0xfb/0x1b0 [ 1332.290221] __x64_sys_mount+0x282/0x300 [ 1332.290571] ? copy_mnt_ns+0xa00/0xa00 [ 1332.290907] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1332.291356] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1332.291801] do_syscall_64+0x33/0x40 [ 1332.292126] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1332.292561] RIP: 0033:0x7f78e3094b19 [ 1332.292879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1332.294446] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1332.295099] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1332.295705] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1332.296316] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1332.296919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1332.297530] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1332.298296] 9pnet: Insufficient options for proto=fd 14:08:28 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:42 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:42 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x40aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:42 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6eb, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:42 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x900000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:42 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:42 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:42 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x2c, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:42 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 30) 14:08:42 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1346.319569] FAULT_INJECTION: forcing a failure. [ 1346.319569] name failslab, interval 1, probability 0, space 0, times 0 [ 1346.321352] CPU: 1 PID: 30005 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1346.321957] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1346.322703] Call Trace: [ 1346.322938] dump_stack+0x107/0x167 [ 1346.323299] should_fail.cold+0x5/0xa [ 1346.323630] should_failslab+0x5/0x20 [ 1346.323955] __kmalloc_track_caller+0x79/0x370 [ 1346.324396] ? match_number+0xaf/0x1d0 [ 1346.324738] kmemdup_nul+0x2d/0xa0 [ 1346.325045] match_number+0xaf/0x1d0 [ 1346.325418] ? match_u64+0x190/0x190 [ 1346.325757] ? __kmalloc_track_caller+0x2c6/0x370 [ 1346.326239] ? memcpy+0x39/0x60 [ 1346.326533] parse_opts.part.0+0x1f3/0x340 [ 1346.326898] ? p9_fd_show_options+0x1c0/0x1c0 [ 1346.327337] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1346.327787] ? trace_hardirqs_on+0x5b/0x180 [ 1346.328166] ? kfree+0xd7/0x340 [ 1346.328454] p9_fd_create+0x98/0x4a0 [ 1346.328776] ? p9_conn_create+0x510/0x510 [ 1346.329132] ? p9_client_create+0x798/0x11c0 [ 1346.329610] ? kfree+0xd7/0x340 [ 1346.329927] p9_client_create+0x7ff/0x11c0 [ 1346.330299] ? p9_client_flush+0x430/0x430 [ 1346.330723] ? trace_hardirqs_on+0x5b/0x180 [ 1346.331098] ? lockdep_init_map_type+0x2c7/0x780 [ 1346.331556] ? __raw_spin_lock_init+0x36/0x110 [ 1346.331966] v9fs_session_init+0x1dd/0x1680 [ 1346.332340] ? lock_release+0x680/0x680 [ 1346.332751] ? kmem_cache_alloc_trace+0x151/0x320 [ 1346.333168] ? v9fs_show_options+0x690/0x690 [ 1346.333686] ? trace_hardirqs_on+0x5b/0x180 [ 1346.334068] ? kasan_unpoison_shadow+0x33/0x50 [ 1346.334462] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1346.334954] v9fs_mount+0x79/0x8f0 [ 1346.335263] ? v9fs_write_inode+0x60/0x60 [ 1346.335675] legacy_get_tree+0x105/0x220 [ 1346.336030] vfs_get_tree+0x8e/0x300 [ 1346.336351] path_mount+0x1429/0x2120 [ 1346.336749] ? strncpy_from_user+0x9e/0x470 [ 1346.337119] ? finish_automount+0xa90/0xa90 [ 1346.337491] ? getname_flags.part.0+0x1dd/0x4f0 [ 1346.337988] ? _copy_from_user+0xfb/0x1b0 [ 1346.338353] __x64_sys_mount+0x282/0x300 [ 1346.338704] ? copy_mnt_ns+0xa00/0xa00 [ 1346.339042] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1346.339494] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1346.339934] do_syscall_64+0x33/0x40 [ 1346.340254] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1346.340693] RIP: 0033:0x7f78e3094b19 [ 1346.341014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1346.342591] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1346.343238] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1346.343839] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1346.344438] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1346.345042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1346.345643] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1346.353187] 9pnet: Insufficient options for proto=fd 14:08:42 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x41aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1346.436431] 9pnet: Insufficient options for proto=fd 14:08:42 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xa00000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xb00000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x42aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x22, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6ec, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2010, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 31) [ 1360.463024] 9pnet: Insufficient options for proto=fd 14:08:56 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x5000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1360.477830] FAULT_INJECTION: forcing a failure. [ 1360.477830] name failslab, interval 1, probability 0, space 0, times 0 [ 1360.478918] CPU: 0 PID: 30889 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1360.479508] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1360.480233] Call Trace: [ 1360.480484] dump_stack+0x107/0x167 [ 1360.480829] should_fail.cold+0x5/0xa [ 1360.481161] ? create_object.isra.0+0x3a/0xa20 [ 1360.481573] should_failslab+0x5/0x20 [ 1360.481913] kmem_cache_alloc+0x5b/0x310 [ 1360.482265] create_object.isra.0+0x3a/0xa20 [ 1360.482667] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1360.483104] __kmalloc_track_caller+0x177/0x370 [ 1360.483506] ? match_number+0xaf/0x1d0 [ 1360.483887] kmemdup_nul+0x2d/0xa0 [ 1360.484194] match_number+0xaf/0x1d0 [ 1360.484520] ? match_u64+0x190/0x190 [ 1360.484879] ? __kmalloc_track_caller+0x2c6/0x370 [ 1360.485286] ? memcpy+0x39/0x60 [ 1360.485573] parse_opts.part.0+0x1f3/0x340 [ 1360.485991] ? p9_fd_show_options+0x1c0/0x1c0 [ 1360.486379] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1360.486866] ? trace_hardirqs_on+0x5b/0x180 [ 1360.487236] ? kfree+0xd7/0x340 [ 1360.487524] p9_fd_create+0x98/0x4a0 [ 1360.487880] ? p9_conn_create+0x510/0x510 [ 1360.488233] ? p9_client_create+0x798/0x11c0 [ 1360.488604] ? kfree+0xd7/0x340 [ 1360.488928] p9_client_create+0x7ff/0x11c0 [ 1360.489317] ? p9_client_flush+0x430/0x430 [ 1360.489696] ? trace_hardirqs_on+0x5b/0x180 [ 1360.490092] ? lockdep_init_map_type+0x2c7/0x780 [ 1360.490515] ? __raw_spin_lock_init+0x36/0x110 [ 1360.490938] v9fs_session_init+0x1dd/0x1680 [ 1360.491308] ? lock_release+0x680/0x680 [ 1360.491672] ? kmem_cache_alloc_trace+0x151/0x320 [ 1360.492100] ? v9fs_show_options+0x690/0x690 [ 1360.492488] ? trace_hardirqs_on+0x5b/0x180 [ 1360.492890] ? kasan_unpoison_shadow+0x33/0x50 [ 1360.493276] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1360.493731] v9fs_mount+0x79/0x8f0 [ 1360.494058] ? v9fs_write_inode+0x60/0x60 [ 1360.494416] legacy_get_tree+0x105/0x220 [ 1360.494800] vfs_get_tree+0x8e/0x300 [ 1360.495120] path_mount+0x1429/0x2120 [ 1360.495455] ? strncpy_from_user+0x9e/0x470 [ 1360.495862] ? finish_automount+0xa90/0xa90 [ 1360.496232] ? getname_flags.part.0+0x1dd/0x4f0 [ 1360.496666] ? _copy_from_user+0xfb/0x1b0 [ 1360.497042] __x64_sys_mount+0x282/0x300 [ 1360.497387] ? copy_mnt_ns+0xa00/0xa00 [ 1360.497758] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1360.498218] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1360.498660] do_syscall_64+0x33/0x40 [ 1360.499015] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1360.499450] RIP: 0033:0x7f78e3094b19 [ 1360.499792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1360.501368] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1360.502060] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1360.502679] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1360.503312] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1360.503945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1360.504562] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:08:56 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2e00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x6000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x10, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x1000000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x22, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x43aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6ed, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1360.688524] 9pnet: Insufficient options for proto=fd 14:08:56 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3a01, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x7000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:56 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2e, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:57 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:57 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 32) 14:08:57 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2000000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:57 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x44aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:08:57 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6ee, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1360.855861] FAULT_INJECTION: forcing a failure. [ 1360.855861] name failslab, interval 1, probability 0, space 0, times 0 [ 1360.856924] CPU: 1 PID: 32195 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1360.857519] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1360.858240] Call Trace: [ 1360.858476] dump_stack+0x107/0x167 [ 1360.858794] should_fail.cold+0x5/0xa [ 1360.859130] should_failslab+0x5/0x20 [ 1360.859459] __kmalloc_track_caller+0x79/0x370 [ 1360.859853] ? match_number+0xaf/0x1d0 [ 1360.860187] ? kfree+0xd7/0x340 [ 1360.860477] kmemdup_nul+0x2d/0xa0 [ 1360.860783] match_number+0xaf/0x1d0 [ 1360.861103] ? match_u64+0x190/0x190 [ 1360.861426] ? __kmalloc_track_caller+0x2c6/0x370 [ 1360.861846] ? memcpy+0x39/0x60 [ 1360.862142] parse_opts.part.0+0x1f3/0x340 [ 1360.862511] ? p9_fd_show_options+0x1c0/0x1c0 [ 1360.862900] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1360.863346] ? trace_hardirqs_on+0x5b/0x180 [ 1360.863717] ? kfree+0xd7/0x340 [ 1360.864005] p9_fd_create+0x98/0x4a0 [ 1360.864325] ? p9_conn_create+0x510/0x510 [ 1360.864684] ? p9_client_create+0x798/0x11c0 [ 1360.865060] ? kfree+0xd7/0x340 [ 1360.865350] p9_client_create+0x7ff/0x11c0 [ 1360.865720] ? p9_client_flush+0x430/0x430 [ 1360.866099] ? trace_hardirqs_on+0x5b/0x180 [ 1360.866471] ? lockdep_init_map_type+0x2c7/0x780 [ 1360.866882] ? __raw_spin_lock_init+0x36/0x110 [ 1360.867276] v9fs_session_init+0x1dd/0x1680 [ 1360.867648] ? lock_release+0x680/0x680 [ 1360.867996] ? kmem_cache_alloc_trace+0x151/0x320 [ 1360.868409] ? v9fs_show_options+0x690/0x690 [ 1360.868792] ? trace_hardirqs_on+0x5b/0x180 [ 1360.869164] ? kasan_unpoison_shadow+0x33/0x50 [ 1360.869557] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1360.870012] v9fs_mount+0x79/0x8f0 [ 1360.870329] ? v9fs_write_inode+0x60/0x60 [ 1360.870685] legacy_get_tree+0x105/0x220 [ 1360.871035] vfs_get_tree+0x8e/0x300 [ 1360.871358] path_mount+0x1429/0x2120 [ 1360.871690] ? strncpy_from_user+0x9e/0x470 [ 1360.872058] ? finish_automount+0xa90/0xa90 [ 1360.872431] ? getname_flags.part.0+0x1dd/0x4f0 [ 1360.872832] ? _copy_from_user+0xfb/0x1b0 [ 1360.873190] __x64_sys_mount+0x282/0x300 [ 1360.873541] ? copy_mnt_ns+0xa00/0xa00 [ 1360.873889] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1360.874343] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1360.874786] do_syscall_64+0x33/0x40 [ 1360.875106] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1360.875546] RIP: 0033:0x7f78e3094b19 [ 1360.875866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1360.877421] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1360.878093] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1360.878706] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1360.879319] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1360.879929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1360.880536] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1360.881216] 9pnet: Insufficient options for proto=fd 14:09:11 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2010000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:11 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x2c, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:11 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6ef, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:11 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x13a, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:11 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3f00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:11 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x9000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:11 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 33) 14:09:11 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x45aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1375.063030] 9pnet: Insufficient options for proto=fd [ 1375.064966] FAULT_INJECTION: forcing a failure. [ 1375.064966] name failslab, interval 1, probability 0, space 0, times 0 [ 1375.066070] CPU: 0 PID: 32639 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1375.066704] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1375.067452] Call Trace: [ 1375.067686] dump_stack+0x107/0x167 [ 1375.067996] should_fail.cold+0x5/0xa [ 1375.068372] ? create_object.isra.0+0x3a/0xa20 [ 1375.068763] should_failslab+0x5/0x20 [ 1375.069084] kmem_cache_alloc+0x5b/0x310 [ 1375.069514] create_object.isra.0+0x3a/0xa20 [ 1375.069896] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1375.070396] __kmalloc_track_caller+0x177/0x370 [ 1375.070797] ? match_number+0xaf/0x1d0 [ 1375.071192] kmemdup_nul+0x2d/0xa0 [ 1375.071500] match_number+0xaf/0x1d0 [ 1375.071818] ? match_u64+0x190/0x190 [ 1375.072184] ? __kmalloc_track_caller+0x2c6/0x370 [ 1375.072597] ? memcpy+0x39/0x60 [ 1375.072881] parse_opts.part.0+0x1f3/0x340 [ 1375.073324] ? p9_fd_show_options+0x1c0/0x1c0 [ 1375.073715] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1375.074229] ? trace_hardirqs_on+0x5b/0x180 [ 1375.074599] ? kfree+0xd7/0x340 [ 1375.074886] p9_fd_create+0x98/0x4a0 [ 1375.075262] ? p9_conn_create+0x510/0x510 [ 1375.075615] ? p9_client_create+0x798/0x11c0 [ 1375.075984] ? kfree+0xd7/0x340 [ 1375.076317] p9_client_create+0x7ff/0x11c0 [ 1375.076683] ? p9_client_flush+0x430/0x430 [ 1375.077051] ? trace_hardirqs_on+0x5b/0x180 [ 1375.077499] ? lockdep_init_map_type+0x2c7/0x780 [ 1375.077910] ? __raw_spin_lock_init+0x36/0x110 [ 1375.078368] v9fs_session_init+0x1dd/0x1680 [ 1375.078737] ? lock_release+0x680/0x680 [ 1375.079082] ? kmem_cache_alloc_trace+0x151/0x320 [ 1375.079542] ? v9fs_show_options+0x690/0x690 [ 1375.079924] ? trace_hardirqs_on+0x5b/0x180 [ 1375.080339] ? kasan_unpoison_shadow+0x33/0x50 [ 1375.080731] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1375.081250] v9fs_mount+0x79/0x8f0 [ 1375.081557] ? v9fs_write_inode+0x60/0x60 [ 1375.081914] legacy_get_tree+0x105/0x220 [ 1375.082324] vfs_get_tree+0x8e/0x300 [ 1375.082642] path_mount+0x1429/0x2120 [ 1375.082971] ? strncpy_from_user+0x9e/0x470 [ 1375.083399] ? finish_automount+0xa90/0xa90 [ 1375.083768] ? getname_flags.part.0+0x1dd/0x4f0 [ 1375.084208] ? _copy_from_user+0xfb/0x1b0 [ 1375.084564] __x64_sys_mount+0x282/0x300 [ 1375.084905] ? copy_mnt_ns+0xa00/0xa00 [ 1375.085337] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1375.085784] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1375.086278] do_syscall_64+0x33/0x40 [ 1375.086595] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1375.087029] RIP: 0033:0x7f78e3094b19 [ 1375.087401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1375.088972] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1375.089694] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1375.090357] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1375.090953] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1375.091598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1375.092242] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:09:25 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 34) 14:09:25 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:25 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6f0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:25 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x8cffffff00000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:25 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:25 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x46aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:25 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x300, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:25 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x22, {[{@version_9p2000}]}}) 14:09:25 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1388.961639] 9pnet: Insufficient options for proto=fd [ 1388.979633] FAULT_INJECTION: forcing a failure. [ 1388.979633] name failslab, interval 1, probability 0, space 0, times 0 [ 1388.982103] CPU: 1 PID: 33263 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1388.983930] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1388.985620] Call Trace: [ 1388.986085] dump_stack+0x107/0x167 [ 1388.986971] should_fail.cold+0x5/0xa [ 1388.987744] ? p9_fd_create+0x161/0x4a0 [ 1388.988471] should_failslab+0x5/0x20 [ 1388.989214] kmem_cache_alloc_trace+0x55/0x320 [ 1388.993691] p9_fd_create+0x161/0x4a0 [ 1388.994466] ? p9_conn_create+0x510/0x510 [ 1388.995256] ? p9_client_create+0x798/0x11c0 [ 1388.996044] ? kfree+0xd7/0x340 [ 1388.996696] p9_client_create+0x7ff/0x11c0 [ 1388.997557] ? p9_client_flush+0x430/0x430 [ 1388.998386] ? trace_hardirqs_on+0x5b/0x180 [ 1388.999229] ? lockdep_init_map_type+0x2c7/0x780 [ 1389.000142] ? __raw_spin_lock_init+0x36/0x110 [ 1389.000999] v9fs_session_init+0x1dd/0x1680 [ 1389.001912] ? kmem_cache_alloc_trace+0x151/0x320 [ 1389.003020] ? v9fs_show_options+0x690/0x690 [ 1389.003858] ? trace_hardirqs_on+0x5b/0x180 [ 1389.004687] ? kasan_unpoison_shadow+0x33/0x50 [ 1389.005645] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1389.006731] v9fs_mount+0x79/0x8f0 [ 1389.007348] ? v9fs_write_inode+0x60/0x60 [ 1389.008118] legacy_get_tree+0x105/0x220 [ 1389.010264] vfs_get_tree+0x8e/0x300 [ 1389.010957] path_mount+0x1429/0x2120 [ 1389.011656] ? strncpy_from_user+0x9e/0x470 [ 1389.012385] ? finish_automount+0xa90/0xa90 [ 1389.013167] ? getname_flags.part.0+0x1dd/0x4f0 [ 1389.013953] ? _copy_from_user+0xfb/0x1b0 [ 1389.014828] __x64_sys_mount+0x282/0x300 [ 1389.015525] ? copy_mnt_ns+0xa00/0xa00 [ 1389.016196] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1389.017099] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1389.017988] do_syscall_64+0x33/0x40 [ 1389.018753] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1389.019617] RIP: 0033:0x7f78e3094b19 [ 1389.020252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1389.023756] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1389.025097] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1389.026380] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1389.027580] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1389.028795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1389.030030] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:09:25 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xf6ffffff00000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:25 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x47aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:25 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x10000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:25 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x500, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:25 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4084, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:25 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000, 0x22}]}}) 14:09:25 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6f1, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1389.196589] 9pnet: Unknown protocol version 9p2000" 14:09:39 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0xffff000000000000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:39 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6f2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:39 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 35) 14:09:39 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x48aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:39 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x20000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1402.910748] FAULT_INJECTION: forcing a failure. [ 1402.910748] name failslab, interval 1, probability 0, space 0, times 0 [ 1402.911778] CPU: 1 PID: 34434 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1402.912362] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1402.913098] Call Trace: [ 1402.913334] dump_stack+0x107/0x167 [ 1402.913719] should_fail.cold+0x5/0xa [ 1402.914056] ? create_object.isra.0+0x3a/0xa20 [ 1402.914457] should_failslab+0x5/0x20 [ 1402.914825] kmem_cache_alloc+0x5b/0x310 [ 1402.915175] ? p9_fd_show_options+0x1c0/0x1c0 [ 1402.915612] create_object.isra.0+0x3a/0xa20 [ 1402.915984] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1402.916423] kmem_cache_alloc_trace+0x151/0x320 [ 1402.916864] p9_fd_create+0x161/0x4a0 [ 1402.917187] ? p9_conn_create+0x510/0x510 [ 1402.917606] ? p9_client_create+0x798/0x11c0 [ 1402.917975] ? kfree+0xd7/0x340 [ 1402.918265] p9_client_create+0x7ff/0x11c0 [ 1402.918695] ? p9_client_flush+0x430/0x430 [ 1402.919054] ? trace_hardirqs_on+0x5b/0x180 [ 1402.919432] ? lockdep_init_map_type+0x2c7/0x780 [ 1402.919892] ? __raw_spin_lock_init+0x36/0x110 [ 1402.920285] v9fs_session_init+0x1dd/0x1680 [ 1402.920701] ? lock_release+0x680/0x680 [ 1402.921050] ? kmem_cache_alloc_trace+0x151/0x320 [ 1402.921465] ? v9fs_show_options+0x690/0x690 [ 1402.922185] ? trace_hardirqs_on+0x5b/0x180 [ 1402.922622] ? kasan_unpoison_shadow+0x33/0x50 [ 1402.923019] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1402.923463] v9fs_mount+0x79/0x8f0 [ 1402.923826] ? v9fs_write_inode+0x60/0x60 [ 1402.924190] legacy_get_tree+0x105/0x220 [ 1402.924594] vfs_get_tree+0x8e/0x300 [ 1402.924917] path_mount+0x1429/0x2120 [ 1402.925247] ? strncpy_from_user+0x9e/0x470 [ 1402.925684] ? finish_automount+0xa90/0xa90 [ 1402.926051] ? getname_flags.part.0+0x1dd/0x4f0 [ 1402.926463] ? _copy_from_user+0xfb/0x1b0 [ 1402.926865] __x64_sys_mount+0x282/0x300 [ 1402.927208] ? copy_mnt_ns+0xa00/0xa00 [ 1402.927596] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1402.928047] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1402.928536] do_syscall_64+0x33/0x40 [ 1402.928864] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1402.929301] RIP: 0033:0x7f78e3094b19 [ 1402.929675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1402.931324] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1402.932026] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1402.932689] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1402.933301] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1402.933952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1402.934634] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:09:39 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x600, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:39 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:39 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa7b6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:39 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x20100000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:39 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6f3, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:39 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x49aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:39 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x22, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:39 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa8b6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:39 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x700, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1403.124246] 9pnet: Insufficient options for proto=fd 14:09:39 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}], [], 0x2}}) 14:09:39 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2b990000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:39 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4aaa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:39 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 36) 14:09:39 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x2c, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:39 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6f4, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1403.278413] cgroup: fork rejected by pids controller in /syz4 [ 1403.292019] 9pnet: Insufficient options for proto=fd [ 1403.304324] FAULT_INJECTION: forcing a failure. [ 1403.304324] name failslab, interval 1, probability 0, space 0, times 0 [ 1403.305308] CPU: 0 PID: 35589 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1403.305893] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1403.306616] Call Trace: [ 1403.306851] dump_stack+0x107/0x167 [ 1403.307164] should_fail.cold+0x5/0xa [ 1403.307495] ? p9_client_prepare_req.part.0+0x3a/0xac0 [ 1403.307945] should_failslab+0x5/0x20 [ 1403.308272] kmem_cache_alloc+0x5b/0x310 [ 1403.308626] p9_client_prepare_req.part.0+0x3a/0xac0 [ 1403.309062] p9_client_rpc+0x220/0x1370 [ 1403.309405] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1403.309856] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1403.310317] ? pipe_poll+0x21b/0x7f0 [ 1403.310646] ? p9_fd_close+0x4a0/0x4a0 [ 1403.310988] ? anon_pipe_buf_release+0x280/0x280 [ 1403.311393] ? p9_fd_poll+0x1e0/0x2c0 [ 1403.311723] ? p9_fd_create+0x357/0x4a0 [ 1403.312062] ? p9_conn_create+0x510/0x510 [ 1403.312415] ? p9_client_create+0x798/0x11c0 [ 1403.312789] ? kfree+0xd7/0x340 [ 1403.313077] p9_client_create+0xa76/0x11c0 [ 1403.313443] ? p9_client_flush+0x430/0x430 [ 1403.313807] ? trace_hardirqs_on+0x5b/0x180 [ 1403.314175] ? lockdep_init_map_type+0x2c7/0x780 [ 1403.314597] ? __raw_spin_lock_init+0x36/0x110 [ 1403.314990] v9fs_session_init+0x1dd/0x1680 [ 1403.315359] ? lock_release+0x680/0x680 [ 1403.315705] ? kmem_cache_alloc_trace+0x151/0x320 [ 1403.316113] ? v9fs_show_options+0x690/0x690 [ 1403.316491] ? trace_hardirqs_on+0x5b/0x180 [ 1403.316864] ? kasan_unpoison_shadow+0x33/0x50 [ 1403.317254] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1403.317694] v9fs_mount+0x79/0x8f0 [ 1403.318000] ? v9fs_write_inode+0x60/0x60 [ 1403.318369] legacy_get_tree+0x105/0x220 [ 1403.318720] vfs_get_tree+0x8e/0x300 [ 1403.319039] path_mount+0x1429/0x2120 [ 1403.319370] ? strncpy_from_user+0x9e/0x470 [ 1403.319738] ? finish_automount+0xa90/0xa90 [ 1403.320108] ? getname_flags.part.0+0x1dd/0x4f0 [ 1403.320506] ? _copy_from_user+0xfb/0x1b0 [ 1403.320864] __x64_sys_mount+0x282/0x300 [ 1403.321209] ? copy_mnt_ns+0xa00/0xa00 [ 1403.321547] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1403.321995] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1403.322446] do_syscall_64+0x33/0x40 [ 1403.322767] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1403.323205] RIP: 0033:0x7f78e3094b19 [ 1403.323527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1403.325083] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1403.325729] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1403.326339] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1403.326968] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1403.327594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1403.328220] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:09:53 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}], [], 0x7}}) 14:09:53 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x900, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:53 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 37) 14:09:53 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4baa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:53 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa9b6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:53 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2c990000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:53 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6f5, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:53 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x22, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1417.696704] FAULT_INJECTION: forcing a failure. [ 1417.696704] name failslab, interval 1, probability 0, space 0, times 0 [ 1417.697687] CPU: 0 PID: 36103 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1417.698272] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1417.698992] Call Trace: [ 1417.699226] dump_stack+0x107/0x167 [ 1417.699539] should_fail.cold+0x5/0xa [ 1417.699869] ? create_object.isra.0+0x3a/0xa20 [ 1417.700261] should_failslab+0x5/0x20 [ 1417.700589] kmem_cache_alloc+0x5b/0x310 [ 1417.700938] create_object.isra.0+0x3a/0xa20 [ 1417.701315] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1417.701490] 9pnet: Insufficient options for proto=fd [ 1417.701756] kmem_cache_alloc+0x159/0x310 [ 1417.702629] p9_client_prepare_req.part.0+0x3a/0xac0 [ 1417.703065] p9_client_rpc+0x220/0x1370 [ 1417.703411] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1417.703867] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1417.704326] ? pipe_poll+0x21b/0x7f0 [ 1417.704646] ? p9_fd_close+0x4a0/0x4a0 [ 1417.704981] ? anon_pipe_buf_release+0x280/0x280 [ 1417.705389] ? p9_fd_poll+0x1e0/0x2c0 [ 1417.705721] ? p9_fd_create+0x357/0x4a0 [ 1417.706059] ? p9_conn_create+0x510/0x510 [ 1417.706413] ? p9_client_create+0x798/0x11c0 [ 1417.706807] ? kfree+0xd7/0x340 [ 1417.707094] p9_client_create+0xa76/0x11c0 [ 1417.707461] ? p9_client_flush+0x430/0x430 [ 1417.707824] ? trace_hardirqs_on+0x5b/0x180 [ 1417.708191] ? lockdep_init_map_type+0x2c7/0x780 [ 1417.708602] ? __raw_spin_lock_init+0x36/0x110 [ 1417.709002] v9fs_session_init+0x1dd/0x1680 [ 1417.709374] ? lock_release+0x680/0x680 [ 1417.709726] ? kmem_cache_alloc_trace+0x151/0x320 [ 1417.710149] ? v9fs_show_options+0x690/0x690 [ 1417.710548] ? trace_hardirqs_on+0x5b/0x180 [ 1417.710928] ? kasan_unpoison_shadow+0x33/0x50 [ 1417.711325] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1417.711761] v9fs_mount+0x79/0x8f0 [ 1417.712070] ? v9fs_write_inode+0x60/0x60 [ 1417.712427] legacy_get_tree+0x105/0x220 [ 1417.712775] vfs_get_tree+0x8e/0x300 [ 1417.713098] path_mount+0x1429/0x2120 [ 1417.713434] ? strncpy_from_user+0x9e/0x470 [ 1417.713807] ? finish_automount+0xa90/0xa90 [ 1417.714179] ? getname_flags.part.0+0x1dd/0x4f0 [ 1417.714600] ? _copy_from_user+0xfb/0x1b0 [ 1417.714963] __x64_sys_mount+0x282/0x300 [ 1417.715314] ? copy_mnt_ns+0xa00/0xa00 [ 1417.715654] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1417.716108] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1417.716557] do_syscall_64+0x33/0x40 [ 1417.716879] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1417.717318] RIP: 0033:0x7f78e3094b19 [ 1417.717643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1417.719232] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1417.719886] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1417.720497] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1417.721107] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1417.721716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1417.722327] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:09:54 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2d990000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:54 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6f6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:54 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4caa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:54 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaab6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:54 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x22, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:54 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:54 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 38) [ 1417.958234] 9pnet: Insufficient options for proto=fd 14:09:54 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}], [], 0x8}}) [ 1418.046149] FAULT_INJECTION: forcing a failure. [ 1418.046149] name failslab, interval 1, probability 0, space 0, times 0 [ 1418.047369] CPU: 1 PID: 37352 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1418.048027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1418.048818] Call Trace: [ 1418.049063] dump_stack+0x107/0x167 [ 1418.049392] should_fail.cold+0x5/0xa [ 1418.049826] ? p9_fcall_init+0x97/0x290 [ 1418.050188] should_failslab+0x5/0x20 [ 1418.050542] __kmalloc+0x72/0x390 [ 1418.050931] p9_fcall_init+0x97/0x290 [ 1418.051282] p9_client_prepare_req.part.0+0x8c/0xac0 [ 1418.051797] p9_client_rpc+0x220/0x1370 [ 1418.052156] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1418.052674] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1418.053160] ? pipe_poll+0x21b/0x7f0 [ 1418.053498] ? p9_fd_close+0x4a0/0x4a0 [ 1418.053930] ? anon_pipe_buf_release+0x280/0x280 [ 1418.054355] ? p9_fd_poll+0x1e0/0x2c0 [ 1418.054777] ? p9_fd_create+0x357/0x4a0 [ 1418.055135] ? p9_conn_create+0x510/0x510 [ 1418.055504] ? p9_client_create+0x798/0x11c0 [ 1418.055953] ? kfree+0xd7/0x340 [ 1418.056256] p9_client_create+0xa76/0x11c0 [ 1418.056690] ? p9_client_flush+0x430/0x430 [ 1418.057081] ? trace_hardirqs_on+0x5b/0x180 [ 1418.057474] ? lockdep_init_map_type+0x2c7/0x780 [ 1418.057984] ? __raw_spin_lock_init+0x36/0x110 [ 1418.058403] v9fs_session_init+0x1dd/0x1680 [ 1418.058866] ? lock_release+0x680/0x680 [ 1418.059227] ? kmem_cache_alloc_trace+0x151/0x320 [ 1418.059712] ? v9fs_show_options+0x690/0x690 [ 1418.060110] ? trace_hardirqs_on+0x5b/0x180 [ 1418.060500] ? kasan_unpoison_shadow+0x33/0x50 [ 1418.060967] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1418.061429] v9fs_mount+0x79/0x8f0 [ 1418.061837] ? v9fs_write_inode+0x60/0x60 [ 1418.062210] legacy_get_tree+0x105/0x220 [ 1418.062596] vfs_get_tree+0x8e/0x300 [ 1418.062978] path_mount+0x1429/0x2120 [ 1418.063325] ? strncpy_from_user+0x9e/0x470 [ 1418.063763] ? finish_automount+0xa90/0xa90 [ 1418.064148] ? getname_flags.part.0+0x1dd/0x4f0 [ 1418.064561] ? _copy_from_user+0xfb/0x1b0 [ 1418.064991] __x64_sys_mount+0x282/0x300 [ 1418.065355] ? copy_mnt_ns+0xa00/0xa00 [ 1418.065813] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1418.066280] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1418.066807] do_syscall_64+0x33/0x40 [ 1418.067142] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1418.067594] RIP: 0033:0x7f78e3094b19 [ 1418.067980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1418.069728] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1418.070402] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1418.071096] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1418.071776] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1418.072405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1418.073078] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:09:54 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xabb6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:09:54 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2e000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:09 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6f7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:09 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}], [], 0x9}}) 14:10:09 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2e990000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:09 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 39) 14:10:09 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4daa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:09 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:09 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x2c, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:09 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xacb6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1433.209860] FAULT_INJECTION: forcing a failure. [ 1433.209860] name failslab, interval 1, probability 0, space 0, times 0 [ 1433.211008] CPU: 0 PID: 37774 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1433.211692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1433.212435] Call Trace: [ 1433.212737] dump_stack+0x107/0x167 [ 1433.213074] should_fail.cold+0x5/0xa [ 1433.213430] ? create_object.isra.0+0x3a/0xa20 [ 1433.214100] should_failslab+0x5/0x20 [ 1433.214452] kmem_cache_alloc+0x5b/0x310 [ 1433.215055] create_object.isra.0+0x3a/0xa20 [ 1433.215534] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1433.216091] __kmalloc+0x16e/0x390 [ 1433.216447] p9_fcall_init+0x97/0x290 [ 1433.216923] p9_client_prepare_req.part.0+0x8c/0xac0 [ 1433.217422] p9_client_rpc+0x220/0x1370 [ 1433.217916] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1433.218431] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1433.219240] ? pipe_poll+0x21b/0x7f0 [ 1433.219766] ? p9_fd_close+0x4a0/0x4a0 [ 1433.220124] ? anon_pipe_buf_release+0x280/0x280 [ 1433.220607] ? p9_fd_poll+0x1e0/0x2c0 [ 1433.221021] ? p9_fd_create+0x357/0x4a0 [ 1433.221388] ? p9_conn_create+0x510/0x510 [ 1433.221874] ? p9_client_create+0x798/0x11c0 [ 1433.222275] ? kfree+0xd7/0x340 [ 1433.223235] p9_client_create+0xa76/0x11c0 [ 1433.223902] ? p9_client_flush+0x430/0x430 [ 1433.224312] ? trace_hardirqs_on+0x5b/0x180 [ 1433.224789] ? lockdep_init_map_type+0x2c7/0x780 [ 1433.225250] ? __raw_spin_lock_init+0x36/0x110 [ 1433.225750] v9fs_session_init+0x1dd/0x1680 [ 1433.226168] ? lock_release+0x680/0x680 [ 1433.226660] ? kmem_cache_alloc_trace+0x151/0x320 [ 1433.227135] ? v9fs_show_options+0x690/0x690 [ 1433.227612] ? trace_hardirqs_on+0x5b/0x180 [ 1433.228013] ? kasan_unpoison_shadow+0x33/0x50 [ 1433.228429] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1433.228973] v9fs_mount+0x79/0x8f0 [ 1433.229304] ? v9fs_write_inode+0x60/0x60 [ 1433.229735] legacy_get_tree+0x105/0x220 [ 1433.230112] vfs_get_tree+0x8e/0x300 [ 1433.230454] path_mount+0x1429/0x2120 [ 1433.230880] ? strncpy_from_user+0x9e/0x470 [ 1433.231301] ? finish_automount+0xa90/0xa90 [ 1433.231778] ? getname_flags.part.0+0x1dd/0x4f0 [ 1433.232243] ? _copy_from_user+0xfb/0x1b0 [ 1433.232715] __x64_sys_mount+0x282/0x300 [ 1433.233114] ? copy_mnt_ns+0xa00/0xa00 [ 1433.233576] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1433.234059] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1433.234586] do_syscall_64+0x33/0x40 [ 1433.234943] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1433.235416] RIP: 0033:0x7f78e3094b19 [ 1433.235813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1433.237564] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1433.238257] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1433.239004] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1433.242936] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1433.244063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1433.244876] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1433.268250] 9pnet: Insufficient options for proto=fd 14:10:09 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2f990000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:09 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1020, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:24 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 40) 14:10:24 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x18b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:24 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xadb6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:24 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x22, {[{@version_9p2000}]}}) [ 1447.872307] FAULT_INJECTION: forcing a failure. [ 1447.872307] name failslab, interval 1, probability 0, space 0, times 0 [ 1447.873539] CPU: 1 PID: 38718 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1447.874180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1447.874999] Call Trace: [ 1447.875245] dump_stack+0x107/0x167 [ 1447.875669] should_fail.cold+0x5/0xa [ 1447.876016] ? p9_fcall_init+0x97/0x290 [ 1447.876360] should_failslab+0x5/0x20 [ 1447.876793] __kmalloc+0x72/0x390 [ 1447.877104] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1447.877580] p9_fcall_init+0x97/0x290 [ 1447.877997] p9_client_prepare_req.part.0+0xf4/0xac0 [ 1447.878436] p9_client_rpc+0x220/0x1370 [ 1447.878920] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1447.879386] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1447.879920] ? pipe_poll+0x21b/0x7f0 [ 1447.880254] ? p9_fd_close+0x4a0/0x4a0 [ 1447.880742] ? anon_pipe_buf_release+0x280/0x280 [ 1447.881225] ? p9_fd_poll+0x1e0/0x2c0 [ 1447.881602] ? p9_fd_create+0x357/0x4a0 [ 1447.882013] ? p9_conn_create+0x510/0x510 14:10:24 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6f8, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:24 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4eaa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:24 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}], [], 0xa}}) 14:10:24 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x30990000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1447.882383] ? p9_client_create+0x798/0x11c0 [ 1447.884746] ? kfree+0xd7/0x340 [ 1447.885030] p9_client_create+0xa76/0x11c0 [ 1447.885412] ? p9_client_flush+0x430/0x430 [ 1447.885879] ? trace_hardirqs_on+0x5b/0x180 [ 1447.886246] ? lockdep_init_map_type+0x2c7/0x780 [ 1447.886761] ? __raw_spin_lock_init+0x36/0x110 [ 1447.887186] v9fs_session_init+0x1dd/0x1680 [ 1447.887689] ? lock_release+0x680/0x680 [ 1447.888030] ? kmem_cache_alloc_trace+0x151/0x320 [ 1447.890398] ? v9fs_show_options+0x690/0x690 [ 1447.890890] ? trace_hardirqs_on+0x5b/0x180 [ 1447.891262] ? kasan_unpoison_shadow+0x33/0x50 [ 1447.891783] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1447.892223] v9fs_mount+0x79/0x8f0 [ 1447.892580] ? v9fs_write_inode+0x60/0x60 [ 1447.893519] legacy_get_tree+0x105/0x220 [ 1447.893959] vfs_get_tree+0x8e/0x300 [ 1447.894277] path_mount+0x1429/0x2120 [ 1447.894696] ? strncpy_from_user+0x9e/0x470 [ 1447.895102] ? finish_automount+0xa90/0xa90 [ 1447.895541] ? getname_flags.part.0+0x1dd/0x4f0 [ 1447.896000] ? _copy_from_user+0xfb/0x1b0 [ 1447.896360] __x64_sys_mount+0x282/0x300 [ 1447.896793] ? copy_mnt_ns+0xa00/0xa00 [ 1447.897145] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1447.897706] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1447.898165] do_syscall_64+0x33/0x40 [ 1447.898527] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1447.899060] RIP: 0033:0x7f78e3094b19 [ 1447.899398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1447.901161] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1447.901935] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1447.902597] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1447.903270] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1447.903971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1447.904703] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1447.922013] 9pnet: Insufficient options for proto=fd 14:10:24 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 41) 14:10:24 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6f9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:24 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x19b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1448.048979] FAULT_INJECTION: forcing a failure. [ 1448.048979] name failslab, interval 1, probability 0, space 0, times 0 [ 1448.050029] CPU: 1 PID: 39354 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1448.050660] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1448.051392] Call Trace: [ 1448.051683] dump_stack+0x107/0x167 [ 1448.052001] should_fail.cold+0x5/0xa [ 1448.052324] ? create_object.isra.0+0x3a/0xa20 [ 1448.052771] should_failslab+0x5/0x20 [ 1448.053093] kmem_cache_alloc+0x5b/0x310 [ 1448.053435] create_object.isra.0+0x3a/0xa20 [ 1448.053863] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1448.054290] __kmalloc+0x16e/0x390 [ 1448.054611] p9_fcall_init+0x97/0x290 [ 1448.055009] p9_client_prepare_req.part.0+0xf4/0xac0 [ 1448.055442] p9_client_rpc+0x220/0x1370 [ 1448.055865] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1448.056315] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1448.056820] ? pipe_poll+0x21b/0x7f0 [ 1448.057133] ? p9_fd_close+0x4a0/0x4a0 [ 1448.057462] ? anon_pipe_buf_release+0x280/0x280 [ 1448.057923] ? p9_fd_poll+0x1e0/0x2c0 [ 1448.058252] ? p9_fd_create+0x357/0x4a0 [ 1448.058590] ? p9_conn_create+0x510/0x510 [ 1448.059014] ? p9_client_create+0x798/0x11c0 [ 1448.059391] ? kfree+0xd7/0x340 [ 1448.059741] p9_client_create+0xa76/0x11c0 [ 1448.060120] ? p9_client_flush+0x430/0x430 [ 1448.060481] ? trace_hardirqs_on+0x5b/0x180 [ 1448.060900] ? lockdep_init_map_type+0x2c7/0x780 [ 1448.061312] ? __raw_spin_lock_init+0x36/0x110 [ 1448.061746] v9fs_session_init+0x1dd/0x1680 [ 1448.062125] ? lock_release+0x680/0x680 [ 1448.062472] ? kmem_cache_alloc_trace+0x151/0x320 [ 1448.062944] ? v9fs_show_options+0x690/0x690 [ 1448.063342] ? trace_hardirqs_on+0x5b/0x180 [ 1448.063762] ? kasan_unpoison_shadow+0x33/0x50 [ 1448.064161] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1448.064597] v9fs_mount+0x79/0x8f0 [ 1448.064967] ? v9fs_write_inode+0x60/0x60 [ 1448.065334] legacy_get_tree+0x105/0x220 [ 1448.065730] vfs_get_tree+0x8e/0x300 [ 1448.066045] path_mount+0x1429/0x2120 [ 1448.066388] ? strncpy_from_user+0x9e/0x470 [ 1448.066800] ? finish_automount+0xa90/0xa90 [ 1448.067193] ? getname_flags.part.0+0x1dd/0x4f0 [ 1448.067610] ? _copy_from_user+0xfb/0x1b0 [ 1448.068016] __x64_sys_mount+0x282/0x300 [ 1448.068374] ? copy_mnt_ns+0xa00/0xa00 [ 1448.068751] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1448.069194] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1448.069731] do_syscall_64+0x33/0x40 [ 1448.070053] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1448.070506] RIP: 0033:0x7f78e3094b19 [ 1448.070882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1448.072473] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1448.073163] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1448.073812] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1448.074402] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1448.075080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1448.075775] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1448.241637] 9pnet: Unknown protocol version 9p2000" 14:10:24 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaeb6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:24 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x31990000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:24 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}], [], 0xb}}) 14:10:24 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1ab9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:24 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000, 0x22}]}}) 14:10:24 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4faa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:24 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6fa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:24 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 42) 14:10:24 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xafb6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:24 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x32990000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1448.339853] FAULT_INJECTION: forcing a failure. [ 1448.339853] name failslab, interval 1, probability 0, space 0, times 0 [ 1448.340851] CPU: 1 PID: 40163 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1448.341444] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1448.342151] Call Trace: [ 1448.342386] dump_stack+0x107/0x167 [ 1448.342708] should_fail.cold+0x5/0xa [ 1448.343060] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1448.343573] should_failslab+0x5/0x20 [ 1448.343906] kmem_cache_alloc+0x5b/0x310 [ 1448.344264] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1448.344754] idr_get_free+0x4b5/0x8f0 [ 1448.345096] idr_alloc_u32+0x170/0x2d0 [ 1448.345437] ? __fprop_inc_percpu_max+0x130/0x130 [ 1448.345860] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1448.346320] ? lock_release+0x680/0x680 [ 1448.346670] idr_alloc+0xc2/0x130 [ 1448.346999] ? idr_alloc_u32+0x2d0/0x2d0 [ 1448.347347] ? rwlock_bug.part.0+0x90/0x90 [ 1448.347729] p9_client_prepare_req.part.0+0x612/0xac0 [ 1448.348178] p9_client_rpc+0x220/0x1370 [ 1448.348521] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1448.348978] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1448.349432] ? pipe_poll+0x21b/0x7f0 [ 1448.349753] ? p9_fd_close+0x4a0/0x4a0 [ 1448.350094] ? anon_pipe_buf_release+0x280/0x280 [ 1448.350498] ? p9_fd_poll+0x1e0/0x2c0 [ 1448.350845] ? p9_fd_create+0x357/0x4a0 [ 1448.351195] ? p9_conn_create+0x510/0x510 [ 1448.351548] ? p9_client_create+0x798/0x11c0 [ 1448.351932] ? kfree+0xd7/0x340 [ 1448.352222] p9_client_create+0xa76/0x11c0 [ 1448.352598] ? p9_client_flush+0x430/0x430 [ 1448.352968] ? trace_hardirqs_on+0x5b/0x180 [ 1448.353348] ? lockdep_init_map_type+0x2c7/0x780 [ 1448.353756] ? __raw_spin_lock_init+0x36/0x110 [ 1448.354158] v9fs_session_init+0x1dd/0x1680 [ 1448.354533] ? lock_release+0x680/0x680 [ 1448.354905] ? kmem_cache_alloc_trace+0x151/0x320 [ 1448.355331] ? v9fs_show_options+0x690/0x690 [ 1448.355714] ? trace_hardirqs_on+0x5b/0x180 [ 1448.356084] ? kasan_unpoison_shadow+0x33/0x50 [ 1448.356483] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1448.356924] v9fs_mount+0x79/0x8f0 [ 1448.357237] ? v9fs_write_inode+0x60/0x60 [ 1448.357599] legacy_get_tree+0x105/0x220 [ 1448.357948] vfs_get_tree+0x8e/0x300 [ 1448.358277] path_mount+0x1429/0x2120 [ 1448.358612] ? strncpy_from_user+0x9e/0x470 [ 1448.359027] ? finish_automount+0xa90/0xa90 [ 1448.359500] ? getname_flags.part.0+0x1dd/0x4f0 [ 1448.359986] ? _copy_from_user+0xfb/0x1b0 [ 1448.360430] __x64_sys_mount+0x282/0x300 [ 1448.360844] ? copy_mnt_ns+0xa00/0xa00 [ 1448.361246] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1448.361809] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1448.362347] do_syscall_64+0x33/0x40 [ 1448.362738] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1448.363202] RIP: 0033:0x7f78e3094b19 [ 1448.363536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1448.365086] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1448.365741] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1448.366338] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1448.366961] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1448.367563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1448.368171] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:10:24 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:24 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1bb9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:24 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6fb, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:24 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x50aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:39 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}], [], 0x10}}) 14:10:39 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}], [], 0x2}}) 14:10:39 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6fc, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1463.392163] FAULT_INJECTION: forcing a failure. [ 1463.392163] name failslab, interval 1, probability 0, space 0, times 0 [ 1463.393121] CPU: 0 PID: 41016 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1463.393705] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1463.394403] Call Trace: [ 1463.394636] dump_stack+0x107/0x167 14:10:39 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb0b6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:39 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x33990000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:39 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1cb9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:39 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x51aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:39 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 43) [ 1463.394952] should_fail.cold+0x5/0xa [ 1463.403330] ? create_object.isra.0+0x3a/0xa20 [ 1463.403739] should_failslab+0x5/0x20 [ 1463.404066] kmem_cache_alloc+0x5b/0x310 [ 1463.404414] create_object.isra.0+0x3a/0xa20 [ 1463.404803] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1463.405233] kmem_cache_alloc+0x159/0x310 [ 1463.405593] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1463.406084] idr_get_free+0x4b5/0x8f0 [ 1463.406417] idr_alloc_u32+0x170/0x2d0 [ 1463.406769] ? __fprop_inc_percpu_max+0x130/0x130 [ 1463.407208] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1463.407678] ? lock_release+0x680/0x680 [ 1463.408031] idr_alloc+0xc2/0x130 [ 1463.408326] ? idr_alloc_u32+0x2d0/0x2d0 [ 1463.408668] ? rwlock_bug.part.0+0x90/0x90 [ 1463.409034] p9_client_prepare_req.part.0+0x612/0xac0 [ 1463.409473] p9_client_rpc+0x220/0x1370 [ 1463.409808] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1463.410253] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1463.410719] ? pipe_poll+0x21b/0x7f0 [ 1463.411054] ? p9_fd_close+0x4a0/0x4a0 [ 1463.411387] ? anon_pipe_buf_release+0x280/0x280 [ 1463.411785] ? p9_fd_poll+0x1e0/0x2c0 [ 1463.412113] ? p9_fd_create+0x357/0x4a0 [ 1463.412448] ? p9_conn_create+0x510/0x510 [ 1463.412816] ? p9_client_create+0x798/0x11c0 [ 1463.413187] ? kfree+0xd7/0x340 [ 1463.413471] p9_client_create+0xa76/0x11c0 [ 1463.413834] ? p9_client_flush+0x430/0x430 [ 1463.414191] ? trace_hardirqs_on+0x5b/0x180 [ 1463.414557] ? lockdep_init_map_type+0x2c7/0x780 [ 1463.414957] ? __raw_spin_lock_init+0x36/0x110 [ 1463.415364] v9fs_session_init+0x1dd/0x1680 [ 1463.415729] ? lock_release+0x680/0x680 [ 1463.416069] ? kmem_cache_alloc_trace+0x151/0x320 [ 1463.416476] ? v9fs_show_options+0x690/0x690 [ 1463.416870] ? trace_hardirqs_on+0x5b/0x180 [ 1463.417238] ? kasan_unpoison_shadow+0x33/0x50 [ 1463.417623] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1463.418055] v9fs_mount+0x79/0x8f0 [ 1463.418357] ? v9fs_write_inode+0x60/0x60 [ 1463.418708] legacy_get_tree+0x105/0x220 [ 1463.419061] vfs_get_tree+0x8e/0x300 [ 1463.419381] path_mount+0x1429/0x2120 [ 1463.419708] ? strncpy_from_user+0x9e/0x470 [ 1463.420070] ? finish_automount+0xa90/0xa90 [ 1463.420434] ? getname_flags.part.0+0x1dd/0x4f0 [ 1463.420846] ? _copy_from_user+0xfb/0x1b0 [ 1463.421201] __x64_sys_mount+0x282/0x300 [ 1463.421544] ? copy_mnt_ns+0xa00/0xa00 [ 1463.421875] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1463.422317] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1463.422771] do_syscall_64+0x33/0x40 [ 1463.423108] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1463.423540] RIP: 0033:0x7f78e3094b19 [ 1463.423857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1463.425388] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1463.426028] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1463.426624] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1463.427253] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1463.427849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1463.428444] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:10:39 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x52aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:39 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6fd, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:54 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="2c7766816e6f3d", @ANYRESHEX=r1, @ANYBLOB=',version=9p2000,\x00']) 14:10:54 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x34990000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:54 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}], [], 0x7}}) 14:10:54 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1db9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:54 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb1b6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:54 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 44) 14:10:54 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6fe, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:54 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x53aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1478.617761] 9pnet: Insufficient options for proto=fd [ 1478.635176] FAULT_INJECTION: forcing a failure. [ 1478.635176] name failslab, interval 1, probability 0, space 0, times 0 [ 1478.638256] CPU: 1 PID: 41964 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1478.640144] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1478.642410] Call Trace: [ 1478.643137] dump_stack+0x107/0x167 [ 1478.644126] should_fail.cold+0x5/0xa [ 1478.645214] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1478.646749] should_failslab+0x5/0x20 [ 1478.647787] kmem_cache_alloc+0x5b/0x310 [ 1478.648879] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1478.650448] idr_get_free+0x4b5/0x8f0 [ 1478.651511] idr_alloc_u32+0x170/0x2d0 [ 1478.652570] ? __fprop_inc_percpu_max+0x130/0x130 [ 1478.653884] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1478.655361] ? lock_release+0x680/0x680 [ 1478.656439] idr_alloc+0xc2/0x130 [ 1478.657400] ? idr_alloc_u32+0x2d0/0x2d0 [ 1478.658502] ? rwlock_bug.part.0+0x90/0x90 [ 1478.659654] p9_client_prepare_req.part.0+0x612/0xac0 [ 1478.661025] p9_client_rpc+0x220/0x1370 [ 1478.662192] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1478.663620] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1478.665054] ? pipe_poll+0x21b/0x7f0 [ 1478.666136] ? p9_fd_close+0x4a0/0x4a0 [ 1478.667177] ? anon_pipe_buf_release+0x280/0x280 [ 1478.668462] ? p9_fd_poll+0x1e0/0x2c0 [ 1478.669501] ? p9_fd_create+0x357/0x4a0 [ 1478.670616] ? p9_conn_create+0x510/0x510 [ 1478.671758] ? p9_client_create+0x798/0x11c0 [ 1478.672946] ? kfree+0xd7/0x340 [ 1478.673852] p9_client_create+0xa76/0x11c0 [ 1478.675016] ? p9_client_flush+0x430/0x430 [ 1478.676209] ? trace_hardirqs_on+0x5b/0x180 [ 1478.677386] ? lockdep_init_map_type+0x2c7/0x780 [ 1478.678689] ? __raw_spin_lock_init+0x36/0x110 [ 1478.679902] v9fs_session_init+0x1dd/0x1680 [ 1478.681058] ? lock_release+0x680/0x680 [ 1478.682149] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1478.683608] ? trace_hardirqs_on+0x5b/0x180 [ 1478.684758] ? v9fs_show_options+0x690/0x690 [ 1478.685945] ? _raw_spin_unlock_irqrestore+0x25/0x40 [ 1478.687403] ? kasan_unpoison_shadow+0x33/0x50 [ 1478.688615] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1478.689973] v9fs_mount+0x79/0x8f0 [ 1478.690930] ? v9fs_write_inode+0x60/0x60 [ 1478.692130] legacy_get_tree+0x105/0x220 [ 1478.694692] vfs_get_tree+0x8e/0x300 [ 1478.695752] path_mount+0x1429/0x2120 14:10:54 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x54aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1478.696802] ? strncpy_from_user+0x9e/0x470 [ 1478.698339] ? finish_automount+0xa90/0xa90 [ 1478.699516] ? getname_flags.part.0+0x1dd/0x4f0 14:10:54 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa6ff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1478.700787] ? _copy_from_user+0xfb/0x1b0 [ 1478.702119] __x64_sys_mount+0x282/0x300 [ 1478.703217] ? copy_mnt_ns+0xa00/0xa00 [ 1478.704305] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 14:10:54 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb2b6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1478.705677] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1478.707288] do_syscall_64+0x33/0x40 [ 1478.708320] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1478.709631] RIP: 0033:0x7f78e3094b19 [ 1478.710472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1478.714649] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1478.716375] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1478.717990] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1478.719608] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1478.721227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1478.722931] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:10:55 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1eb9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:55 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x35990000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:55 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa700, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:10:55 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pread64(r0, &(0x7f0000000200)=""/78, 0x4e, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = signalfd4(r1, &(0x7f0000000280)={[0xfffffffffffffffd]}, 0x8, 0x800) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r4, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x1d}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f00000002c0)=0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x210000, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@afid={'afid', 0x3d, 0x500}}, {@access_uid={'access', 0x3d, r6}}], [{@hash}]}}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) 14:10:55 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x55aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1478.943011] 9pnet: Insufficient options for proto=fd 14:11:09 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}], [], 0x8}}) 14:11:09 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180), 0xac008c, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_user}, {@afid={'afid', 0x3d, 0x5}}], [{@subj_type={'subj_type', 0x3d, '9p\x00'}}, {@obj_user={'obj_user', 0x3d, '\xc6+\\-\xdd$!![/#+./'}}, {@smackfsdef={'smackfsdef', 0x3d, '9p\x00'}}]}}) r3 = gettid() timer_create(0x7, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r3}, &(0x7f0000000040)=0x0) timer_gettime(0x0, &(0x7f00000002c0)) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x20, &(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYRES16=r4, @ANYRESDEC=r2]) 14:11:09 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa701, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:09 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x36990000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:09 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x1fb9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:09 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x56aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:09 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 45) 14:11:09 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb3b6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1493.313508] FAULT_INJECTION: forcing a failure. [ 1493.313508] name failslab, interval 1, probability 0, space 0, times 0 [ 1493.314552] CPU: 0 PID: 43562 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1493.315214] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1493.316005] Call Trace: [ 1493.316308] dump_stack+0x107/0x167 [ 1493.316692] should_fail.cold+0x5/0xa [ 1493.317020] ? create_object.isra.0+0x3a/0xa20 [ 1493.317455] should_failslab+0x5/0x20 [ 1493.317826] kmem_cache_alloc+0x5b/0x310 [ 1493.318222] create_object.isra.0+0x3a/0xa20 [ 1493.318635] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1493.319119] kmem_cache_alloc+0x159/0x310 [ 1493.319500] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1493.320026] idr_get_free+0x4b5/0x8f0 [ 1493.320431] idr_alloc_u32+0x170/0x2d0 [ 1493.320814] ? __fprop_inc_percpu_max+0x130/0x130 [ 1493.321277] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1493.321806] ? lock_release+0x680/0x680 [ 1493.322191] idr_alloc+0xc2/0x130 [ 1493.322489] ? idr_alloc_u32+0x2d0/0x2d0 [ 1493.322880] ? rwlock_bug.part.0+0x90/0x90 [ 1493.323300] p9_client_prepare_req.part.0+0x612/0xac0 [ 1493.323799] p9_client_rpc+0x220/0x1370 [ 1493.324207] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1493.324749] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1493.325247] ? pipe_poll+0x21b/0x7f0 [ 1493.325564] ? p9_fd_close+0x4a0/0x4a0 [ 1493.325941] ? anon_pipe_buf_release+0x280/0x280 [ 1493.326392] ? p9_fd_poll+0x1e0/0x2c0 [ 1493.326790] ? p9_fd_create+0x357/0x4a0 [ 1493.327183] ? p9_conn_create+0x510/0x510 [ 1493.327565] ? p9_client_create+0x798/0x11c0 [ 1493.327985] ? kfree+0xd7/0x340 [ 1493.328347] p9_client_create+0xa76/0x11c0 [ 1493.328770] ? p9_client_flush+0x430/0x430 [ 1493.329179] ? _raw_spin_unlock_irqrestore+0x25/0x40 [ 1493.329648] ? lockdep_init_map_type+0x2c7/0x780 [ 1493.330064] ? __raw_spin_lock_init+0x36/0x110 [ 1493.330502] v9fs_session_init+0x1dd/0x1680 [ 1493.330939] ? lock_release+0x680/0x680 [ 1493.331343] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1493.331868] ? trace_hardirqs_on+0x5b/0x180 [ 1493.332307] ? v9fs_show_options+0x690/0x690 [ 1493.332741] ? _raw_spin_unlock_irqrestore+0x25/0x40 [ 1493.333235] ? kasan_unpoison_shadow+0x33/0x50 [ 1493.333675] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1493.334154] v9fs_mount+0x79/0x8f0 [ 1493.334462] ? v9fs_write_inode+0x60/0x60 [ 1493.334888] legacy_get_tree+0x105/0x220 [ 1493.335290] vfs_get_tree+0x8e/0x300 [ 1493.336785] path_mount+0x1429/0x2120 [ 1493.337158] ? strncpy_from_user+0x9e/0x470 [ 1493.337525] ? finish_automount+0xa90/0xa90 [ 1493.337936] ? getname_flags.part.0+0x1dd/0x4f0 [ 1493.338373] ? _copy_from_user+0xfb/0x1b0 [ 1493.338800] __x64_sys_mount+0x282/0x300 [ 1493.339195] ? copy_mnt_ns+0xa00/0xa00 [ 1493.339541] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1493.340028] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1493.340531] do_syscall_64+0x33/0x40 [ 1493.340897] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1493.341375] RIP: 0033:0x7f78e3094b19 [ 1493.341736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1493.343436] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1493.344187] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1493.344832] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1493.345480] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1493.346196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1493.346866] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:11:09 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:09 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}], [], 0x9}}) 14:11:09 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x57aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:09 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 46) 14:11:09 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa702, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:09 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x37990000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:09 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0) r1 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) lseek(r0, 0x8000, 0x3) r3 = openat$cgroup_pressure(r2, &(0x7f0000000200)='io.pressure\x00', 0x2, 0x0) fstatfs(r0, &(0x7f0000000100)=""/64) r4 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) preadv(r4, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) fstat(r4, &(0x7f0000000340)) r5 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000080)=0x14, 0x80000) ioctl$BTRFS_IOC_DEFRAG(r5, 0x50009402, 0x0) r6 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) preadv(r6, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f00000002c0)={0x0, 0x80, 0x6, 0x3f, 0x5, 0x6, 0x0, 0x79093279, 0x4000, 0xa, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x401, 0x4, @perf_bp={&(0x7f0000000140), 0xe}, 0x1250, 0x2, 0x222e, 0x6, 0x100000000, 0x800, 0x1ff, 0x0, 0x8, 0x0, 0xbcf}, r1, 0x8, r6, 0x2) r7 = dup2(r4, r3) ioctl$AUTOFS_DEV_IOCTL_VERSION(r7, 0xc0189371, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r6}, './file0\x00'}) 14:11:09 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb4b6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:09 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2010, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1493.625546] FAULT_INJECTION: forcing a failure. [ 1493.625546] name failslab, interval 1, probability 0, space 0, times 0 [ 1493.626568] CPU: 1 PID: 44586 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1493.627150] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1493.627867] Call Trace: [ 1493.628105] dump_stack+0x107/0x167 [ 1493.628421] should_fail.cold+0x5/0xa [ 1493.628755] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1493.629246] should_failslab+0x5/0x20 [ 1493.629572] kmem_cache_alloc+0x5b/0x310 [ 1493.629923] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1493.630408] idr_get_free+0x4b5/0x8f0 [ 1493.630750] idr_alloc_u32+0x170/0x2d0 [ 1493.631090] ? __fprop_inc_percpu_max+0x130/0x130 [ 1493.631522] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1493.631987] ? lock_release+0x680/0x680 [ 1493.632335] idr_alloc+0xc2/0x130 [ 1493.632630] ? idr_alloc_u32+0x2d0/0x2d0 [ 1493.632978] ? rwlock_bug.part.0+0x90/0x90 [ 1493.633350] p9_client_prepare_req.part.0+0x612/0xac0 [ 1493.633792] p9_client_rpc+0x220/0x1370 [ 1493.634133] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1493.634591] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1493.635046] ? pipe_poll+0x21b/0x7f0 [ 1493.635405] ? p9_fd_close+0x4a0/0x4a0 [ 1493.635745] ? anon_pipe_buf_release+0x280/0x280 [ 1493.636157] ? p9_fd_poll+0x1e0/0x2c0 [ 1493.636489] ? p9_fd_create+0x357/0x4a0 [ 1493.636832] ? p9_conn_create+0x510/0x510 [ 1493.637184] ? p9_client_create+0x798/0x11c0 [ 1493.637561] ? kfree+0xd7/0x340 [ 1493.637850] p9_client_create+0xa76/0x11c0 [ 1493.638219] ? p9_client_flush+0x430/0x430 [ 1493.638588] ? trace_hardirqs_on+0x5b/0x180 [ 1493.638962] ? lockdep_init_map_type+0x2c7/0x780 [ 1493.639387] ? __raw_spin_lock_init+0x36/0x110 [ 1493.639789] v9fs_session_init+0x1dd/0x1680 [ 1493.640162] ? lock_release+0x680/0x680 [ 1493.640515] ? kmem_cache_alloc_trace+0x151/0x320 [ 1493.640931] ? v9fs_show_options+0x690/0x690 [ 1493.641322] ? trace_hardirqs_on+0x5b/0x180 [ 1493.641697] ? kasan_unpoison_shadow+0x33/0x50 [ 1493.642093] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1493.642539] v9fs_mount+0x79/0x8f0 [ 1493.642851] ? v9fs_write_inode+0x60/0x60 [ 1493.643208] legacy_get_tree+0x105/0x220 [ 1493.643576] vfs_get_tree+0x8e/0x300 [ 1493.643894] path_mount+0x1429/0x2120 [ 1493.644223] ? strncpy_from_user+0x9e/0x470 [ 1493.644597] ? finish_automount+0xa90/0xa90 [ 1493.644963] ? getname_flags.part.0+0x1dd/0x4f0 [ 1493.645360] ? _copy_from_user+0xfb/0x1b0 [ 1493.645719] __x64_sys_mount+0x282/0x300 [ 1493.646063] ? copy_mnt_ns+0xa00/0xa00 [ 1493.646399] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1493.646846] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1493.647288] do_syscall_64+0x33/0x40 [ 1493.647613] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1493.648049] RIP: 0033:0x7f78e3094b19 [ 1493.648374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1493.649924] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1493.650580] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1493.651182] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1493.651804] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1493.652411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1493.653013] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:11:09 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x38990000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:09 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb5b6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:23 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x58aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:23 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 47) 14:11:23 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x394fc366, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:23 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x20b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa703, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:23 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}], [], 0xa}}) 14:11:23 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6a7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:23 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1507.604469] FAULT_INJECTION: forcing a failure. [ 1507.604469] name failslab, interval 1, probability 0, space 0, times 0 [ 1507.605447] CPU: 1 PID: 45274 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1507.606035] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1507.606740] Call Trace: [ 1507.606979] dump_stack+0x107/0x167 [ 1507.607298] should_fail.cold+0x5/0xa [ 1507.607646] ? create_object.isra.0+0x3a/0xa20 [ 1507.608046] should_failslab+0x5/0x20 [ 1507.608379] kmem_cache_alloc+0x5b/0x310 [ 1507.608735] create_object.isra.0+0x3a/0xa20 [ 1507.609121] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1507.609564] kmem_cache_alloc+0x159/0x310 [ 1507.609933] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1507.610422] idr_get_free+0x4b5/0x8f0 [ 1507.610758] idr_alloc_u32+0x170/0x2d0 [ 1507.611094] ? __fprop_inc_percpu_max+0x130/0x130 [ 1507.611522] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1507.611991] ? lock_release+0x680/0x680 [ 1507.612340] idr_alloc+0xc2/0x130 [ 1507.612638] ? idr_alloc_u32+0x2d0/0x2d0 [ 1507.612985] ? rwlock_bug.part.0+0x90/0x90 [ 1507.613358] p9_client_prepare_req.part.0+0x612/0xac0 [ 1507.613809] p9_client_rpc+0x220/0x1370 [ 1507.614154] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1507.614619] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1507.615084] ? pipe_poll+0x21b/0x7f0 [ 1507.615403] ? p9_fd_close+0x4a0/0x4a0 [ 1507.615747] ? anon_pipe_buf_release+0x280/0x280 [ 1507.616151] ? p9_fd_poll+0x1e0/0x2c0 [ 1507.616488] ? p9_fd_create+0x357/0x4a0 [ 1507.616832] ? p9_conn_create+0x510/0x510 [ 1507.617190] ? p9_client_create+0x798/0x11c0 [ 1507.617574] ? kfree+0xd7/0x340 [ 1507.617869] p9_client_create+0xa76/0x11c0 [ 1507.618240] ? p9_client_flush+0x430/0x430 [ 1507.618610] ? trace_hardirqs_on+0x5b/0x180 [ 1507.618981] ? lockdep_init_map_type+0x2c7/0x780 [ 1507.619396] ? __raw_spin_lock_init+0x36/0x110 [ 1507.619812] v9fs_session_init+0x1dd/0x1680 [ 1507.620183] ? lock_release+0x680/0x680 [ 1507.620537] ? kmem_cache_alloc_trace+0x151/0x320 [ 1507.620957] ? v9fs_show_options+0x690/0x690 [ 1507.621343] ? trace_hardirqs_on+0x5b/0x180 [ 1507.621721] ? kasan_unpoison_shadow+0x33/0x50 [ 1507.622116] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1507.622557] v9fs_mount+0x79/0x8f0 [ 1507.622870] ? v9fs_write_inode+0x60/0x60 [ 1507.623231] legacy_get_tree+0x105/0x220 [ 1507.623603] vfs_get_tree+0x8e/0x300 [ 1507.623927] path_mount+0x1429/0x2120 [ 1507.624261] ? strncpy_from_user+0x9e/0x470 [ 1507.624628] ? finish_automount+0xa90/0xa90 [ 1507.624997] ? getname_flags.part.0+0x1dd/0x4f0 [ 1507.625396] ? _copy_from_user+0xfb/0x1b0 [ 1507.625762] __x64_sys_mount+0x282/0x300 [ 1507.626112] ? copy_mnt_ns+0xa00/0xa00 [ 1507.626449] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1507.626900] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1507.627339] do_syscall_64+0x33/0x40 [ 1507.627668] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1507.628103] RIP: 0033:0x7f78e3094b19 [ 1507.628421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1507.629971] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1507.630616] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1507.631217] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1507.631834] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1507.632445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1507.633057] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:11:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa704, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:23 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3f000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:37 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr(r1, &(0x7f0000000000)=@random={'system.', '}%[:P#$:\x00'}, &(0x7f0000000080)='9p\x00', 0x3, 0x2) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f58a72730deee2f3add9e84c6d58efa30b7ecc62d5b", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',version=9p2000,\x00']) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40042409, 0x0) 14:11:37 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x40000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:37 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa705, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:37 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x59aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:37 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6a8, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:37 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 48) [ 1521.588910] 9pnet: Insufficient options for proto=fd 14:11:37 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x21b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:37 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}], [], 0xb}}) [ 1521.611332] FAULT_INJECTION: forcing a failure. [ 1521.611332] name failslab, interval 1, probability 0, space 0, times 0 [ 1521.612292] CPU: 1 PID: 46267 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1521.612872] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1521.613644] Call Trace: [ 1521.613924] dump_stack+0x107/0x167 [ 1521.614239] should_fail.cold+0x5/0xa [ 1521.614568] ? create_object.isra.0+0x3a/0xa20 [ 1521.614962] should_failslab+0x5/0x20 [ 1521.615288] kmem_cache_alloc+0x5b/0x310 [ 1521.615639] create_object.isra.0+0x3a/0xa20 [ 1521.616034] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1521.616467] kmem_cache_alloc+0x159/0x310 [ 1521.616829] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1521.617308] idr_get_free+0x4b5/0x8f0 [ 1521.617642] idr_alloc_u32+0x170/0x2d0 [ 1521.618055] ? __fprop_inc_percpu_max+0x130/0x130 [ 1521.618516] ? p9_client_prepare_req.part.0+0x20a/0xac0 [ 1521.618975] ? lock_release+0x680/0x680 [ 1521.619317] idr_alloc+0xc2/0x130 [ 1521.619614] ? idr_alloc_u32+0x2d0/0x2d0 [ 1521.620029] ? rwlock_bug.part.0+0x90/0x90 [ 1521.620399] p9_client_prepare_req.part.0+0x612/0xac0 [ 1521.620922] p9_client_rpc+0x220/0x1370 [ 1521.621263] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1521.621715] ? p9_client_prepare_req.part.0+0xac0/0xac0 [ 1521.622173] ? pipe_poll+0x21b/0x7f0 [ 1521.622494] ? p9_fd_close+0x4a0/0x4a0 [ 1521.622831] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1521.623284] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1521.623829] ? trace_hardirqs_on+0x5b/0x180 [ 1521.624240] p9_client_create+0xa76/0x11c0 [ 1521.624609] ? p9_client_flush+0x430/0x430 [ 1521.624972] ? trace_hardirqs_on+0x5b/0x180 [ 1521.625342] ? lockdep_init_map_type+0x2c7/0x780 [ 1521.625750] ? __raw_spin_lock_init+0x36/0x110 [ 1521.626146] v9fs_session_init+0x1dd/0x1680 [ 1521.626517] ? lock_release+0x680/0x680 [ 1521.626864] ? kmem_cache_alloc_trace+0x151/0x320 [ 1521.627276] ? v9fs_show_options+0x690/0x690 [ 1521.627665] ? trace_hardirqs_on+0x5b/0x180 [ 1521.628042] ? kasan_unpoison_shadow+0x33/0x50 [ 1521.628513] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1521.629010] v9fs_mount+0x79/0x8f0 [ 1521.629321] ? v9fs_write_inode+0x60/0x60 [ 1521.629679] legacy_get_tree+0x105/0x220 [ 1521.630029] vfs_get_tree+0x8e/0x300 [ 1521.630348] path_mount+0x1429/0x2120 [ 1521.630678] ? strncpy_from_user+0x9e/0x470 [ 1521.631047] ? finish_automount+0xa90/0xa90 [ 1521.631415] ? getname_flags.part.0+0x1dd/0x4f0 [ 1521.631855] ? _copy_from_user+0xfb/0x1b0 [ 1521.632216] __x64_sys_mount+0x282/0x300 [ 1521.632564] ? copy_mnt_ns+0xa00/0xa00 [ 1521.632901] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1521.633349] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1521.633844] do_syscall_64+0x33/0x40 [ 1521.634227] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1521.634663] RIP: 0033:0x7f78e3094b19 [ 1521.634983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1521.636556] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1521.637207] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1521.637814] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1521.638491] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1521.639142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1521.639780] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:11:37 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x22b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:37 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa706, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:37 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c76657273696f6e3d3970323030302cde"]) 14:11:37 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa2b, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:37 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x60000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:38 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6a9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:38 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x23b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:38 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}], [], 0x10}}) 14:11:38 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa2c, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:38 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa707, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:38 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x66c34f39, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:53 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x8042, 0x0) r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x18803, 0x100}, 0x18) openat(r0, &(0x7f0000000140)='./file1\x00', 0x200001, 0x4) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="2c76657273696f6e123970323030302c003c180181dadd5f18950a93b9e511ecaef90a9fbaef8f4de59a4cba421deeae8e15440babe36c320d581d2618f52df5cb8e2867cd1fc2f8e9e2ee369a01a19350"]) 14:11:53 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x7b23a8ae, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:53 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6aa, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:53 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x24b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:53 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 49) 14:11:53 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = getuid() stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(r3, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@fowner_lt={'fowner<', r2}}, {@measure}, {@fsuuid={'fsuuid', 0x3d, {[0x39, 0x61, 0x32, 0x34, 0x38, 0x33, 0x32, 0x37], 0x2d, [0x38, 0x34, 0x64, 0x30], 0x2d, [0x73, 0x37, 0x31, 0x35], 0x2d, [0x35, 0x39, 0x61, 0x61], 0x2d, [0x37, 0x62, 0x66, 0x35, 0x39, 0x34, 0x66, 0x32]}}}, {@fowner_gt={'fowner>', r3}}, {@dont_appraise}]}}) 14:11:53 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa2d, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:53 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa708, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1536.869877] FAULT_INJECTION: forcing a failure. [ 1536.869877] name failslab, interval 1, probability 0, space 0, times 0 [ 1536.871079] CPU: 0 PID: 48090 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1536.871726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1536.872503] Call Trace: [ 1536.872762] dump_stack+0x107/0x167 [ 1536.873113] should_fail.cold+0x5/0xa [ 1536.873480] ? create_object.isra.0+0x3a/0xa20 [ 1536.873916] should_failslab+0x5/0x20 [ 1536.874276] kmem_cache_alloc+0x5b/0x310 [ 1536.874661] create_object.isra.0+0x3a/0xa20 [ 1536.875075] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1536.875561] __kmalloc+0x16e/0x390 [ 1536.875919] p9pdu_readf+0xadb/0x1d40 [ 1536.876286] ? pipe_poll+0x21b/0x7f0 [ 1536.876638] ? p9pdu_writef+0x100/0x100 [ 1536.877021] ? p9_fd_poll+0x1e0/0x2c0 [ 1536.877389] ? p9_fd_create+0x357/0x4a0 [ 1536.877759] ? p9_conn_create+0x510/0x510 [ 1536.878145] ? p9_client_create+0x798/0x11c0 [ 1536.878561] ? kfree+0xd7/0x340 [ 1536.878882] p9_client_create+0xaee/0x11c0 [ 1536.879290] ? p9_client_flush+0x430/0x430 [ 1536.879693] ? trace_hardirqs_on+0x5b/0x180 [ 1536.880117] ? lockdep_init_map_type+0x2c7/0x780 [ 1536.880565] ? __raw_spin_lock_init+0x36/0x110 [ 1536.880997] v9fs_session_init+0x1dd/0x1680 [ 1536.881397] ? lock_release+0x680/0x680 [ 1536.881775] ? kmem_cache_alloc_trace+0x151/0x320 [ 1536.882221] ? v9fs_show_options+0x690/0x690 [ 1536.882638] ? trace_hardirqs_on+0x5b/0x180 [ 1536.883043] ? kasan_unpoison_shadow+0x33/0x50 [ 1536.883469] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1536.883962] v9fs_mount+0x79/0x8f0 [ 1536.884300] ? v9fs_write_inode+0x60/0x60 [ 1536.884694] legacy_get_tree+0x105/0x220 [ 1536.885074] vfs_get_tree+0x8e/0x300 [ 1536.885424] path_mount+0x1429/0x2120 [ 1536.885785] ? strncpy_from_user+0x9e/0x470 [ 1536.886187] ? finish_automount+0xa90/0xa90 [ 1536.886593] ? getname_flags.part.0+0x1dd/0x4f0 [ 1536.887028] ? _copy_from_user+0xfb/0x1b0 [ 1536.887426] __x64_sys_mount+0x282/0x300 [ 1536.887810] ? copy_mnt_ns+0xa00/0xa00 [ 1536.888264] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1536.888759] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1536.889247] do_syscall_64+0x33/0x40 [ 1536.889602] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1536.890088] RIP: 0033:0x7f78e3094b19 [ 1536.890447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1536.892147] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1536.892863] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1536.893518] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1536.894176] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1536.894842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1536.895510] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:11:53 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa709, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:53 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x84400000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:53 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa2e, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:53 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x25b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:53 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6ab, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:53 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:53 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x86000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:11:53 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 50) 14:11:53 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) open(&(0x7f0000000080)='./file1\x00', 0x2040, 0x91) preadv(r0, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) dup(r0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cgroup_ro(r2, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x0, 0x0) pwrite64(r3, &(0x7f0000000200)="3bd70605cc7edef17ceb5910d670eb45a1f889d82dd1b3c51a642abd56844b92411281f5593287d37e5a7d433d468f70546ffb7f212437f46eba7158ab44b1afdcc93f5739ae85ddb6541da8b0e17cb145dbad94193bb86fae0caf840346571c8d8e5bb9cdf22dd16b1d9c891afee9bbbf31f3cfc1da9a18bd6dc8a3b981ad26da3a803c3c758d2ccdfe42c65facbb8cef30d49091519e622b1b3c040c4901819a5c600a1d5be281c3df643d1b727dee8186e36aa495d97ca0e7c9687ca536b922d6aaba07cc8f141195ae35556d5ed89ae5ffa5ab081f4e076d014f0b47450f07fca79fd4dc1bbeecefae", 0xeb, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="747205000000006d6e733d6664365a13254df91c844f3a2c13d3646e3d", @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',version=9p2000,\x00']) 14:11:53 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa70a, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1537.289987] FAULT_INJECTION: forcing a failure. [ 1537.289987] name failslab, interval 1, probability 0, space 0, times 0 [ 1537.291221] CPU: 0 PID: 49341 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1537.291868] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1537.292632] Call Trace: [ 1537.292887] dump_stack+0x107/0x167 [ 1537.293229] should_fail.cold+0x5/0xa [ 1537.293588] ? create_object.isra.0+0x3a/0xa20 [ 1537.294018] should_failslab+0x5/0x20 [ 1537.294375] kmem_cache_alloc+0x5b/0x310 [ 1537.294758] ? lock_release+0x680/0x680 [ 1537.295134] create_object.isra.0+0x3a/0xa20 [ 1537.295553] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1537.296045] kmem_cache_alloc+0x159/0x310 [ 1537.296442] kmem_cache_create_usercopy+0x190/0x2f0 [ 1537.296913] p9_client_create+0xc2b/0x11c0 [ 1537.297318] ? p9_client_flush+0x430/0x430 [ 1537.297716] ? trace_hardirqs_on+0x5b/0x180 [ 1537.298120] ? lockdep_init_map_type+0x2c7/0x780 [ 1537.298567] ? __raw_spin_lock_init+0x36/0x110 [ 1537.298999] v9fs_session_init+0x1dd/0x1680 [ 1537.299404] ? lock_release+0x680/0x680 [ 1537.299788] ? kmem_cache_alloc_trace+0x151/0x320 [ 1537.300256] ? v9fs_show_options+0x690/0x690 [ 1537.300677] ? trace_hardirqs_on+0x5b/0x180 [ 1537.301081] ? kasan_unpoison_shadow+0x33/0x50 [ 1537.301512] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1537.301989] v9fs_mount+0x79/0x8f0 [ 1537.302326] ? v9fs_write_inode+0x60/0x60 [ 1537.302716] legacy_get_tree+0x105/0x220 [ 1537.303097] vfs_get_tree+0x8e/0x300 [ 1537.303448] path_mount+0x1429/0x2120 [ 1537.303811] ? strncpy_from_user+0x9e/0x470 [ 1537.304234] ? finish_automount+0xa90/0xa90 [ 1537.304632] ? getname_flags.part.0+0x1dd/0x4f0 [ 1537.305064] ? _copy_from_user+0xfb/0x1b0 [ 1537.305460] __x64_sys_mount+0x282/0x300 [ 1537.305842] ? copy_mnt_ns+0xa00/0xa00 [ 1537.306219] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1537.306720] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1537.307205] do_syscall_64+0x33/0x40 [ 1537.307564] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1537.308088] RIP: 0033:0x7f78e3094b19 [ 1537.308445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1537.310130] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1537.310831] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1537.311489] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1537.312160] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1537.312817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1537.313474] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:12:08 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa2f, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:08 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 51) 14:12:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa70b, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:08 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6ac, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:08 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x26b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:08 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x8cffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:08 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendfile(r0, r1, 0x0, 0x80000000) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) 14:12:08 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pidfd_send_signal(r0, 0x11, &(0x7f0000000200)={0x0, 0x9, 0x6}, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', &(0x7f0000000280)={0x101000, 0x6, 0x10}, 0x18) ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000000)={0x9, 0x0, 0x7, 0xfe01, 0xfffa, 0x1}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) [ 1552.196329] FAULT_INJECTION: forcing a failure. [ 1552.196329] name failslab, interval 1, probability 0, space 0, times 0 [ 1552.197507] CPU: 1 PID: 49780 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1552.198146] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1552.198886] Call Trace: [ 1552.199153] dump_stack+0x107/0x167 [ 1552.199493] should_fail.cold+0x5/0xa [ 1552.199853] ? __kmem_cache_create+0x10e/0x520 [ 1552.200316] should_failslab+0x5/0x20 [ 1552.200673] kmem_cache_alloc_node+0x55/0x330 [ 1552.201095] __kmem_cache_create+0x10e/0x520 [ 1552.201533] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1552.202007] p9_client_create+0xc2b/0x11c0 [ 1552.202427] ? p9_client_flush+0x430/0x430 [ 1552.202826] ? trace_hardirqs_on+0x5b/0x180 [ 1552.203230] ? lockdep_init_map_type+0x2c7/0x780 [ 1552.203692] ? __raw_spin_lock_init+0x36/0x110 [ 1552.204136] v9fs_session_init+0x1dd/0x1680 [ 1552.204557] ? lock_release+0x680/0x680 [ 1552.204937] ? kmem_cache_alloc_trace+0x151/0x320 [ 1552.205382] ? v9fs_show_options+0x690/0x690 [ 1552.205819] ? trace_hardirqs_on+0x5b/0x180 [ 1552.206224] ? kasan_unpoison_shadow+0x33/0x50 [ 1552.206645] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1552.207081] v9fs_mount+0x79/0x8f0 [ 1552.207408] ? v9fs_write_inode+0x60/0x60 [ 1552.207817] legacy_get_tree+0x105/0x220 [ 1552.208231] vfs_get_tree+0x8e/0x300 [ 1552.208582] path_mount+0x1429/0x2120 [ 1552.208961] ? strncpy_from_user+0x9e/0x470 [ 1552.209363] ? finish_automount+0xa90/0xa90 [ 1552.209784] ? getname_flags.part.0+0x1dd/0x4f0 [ 1552.210215] ? _copy_from_user+0xfb/0x1b0 [ 1552.210607] __x64_sys_mount+0x282/0x300 [ 1552.211006] ? copy_mnt_ns+0xa00/0xa00 [ 1552.211371] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1552.211872] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1552.212412] do_syscall_64+0x33/0x40 [ 1552.212764] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1552.213254] RIP: 0033:0x7f78e3094b19 [ 1552.213602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1552.215288] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1552.215986] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1552.216661] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1552.217323] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1552.217972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1552.218631] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1552.219355] kmem_cache_create(9p-fcall-cache) failed with error -22 [ 1552.219918] CPU: 1 PID: 49780 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1552.225988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1552.226702] Call Trace: [ 1552.226932] dump_stack+0x107/0x167 [ 1552.227246] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1552.228785] p9_client_create+0xc2b/0x11c0 [ 1552.229148] ? p9_client_flush+0x430/0x430 [ 1552.229506] ? trace_hardirqs_on+0x5b/0x180 [ 1552.230966] ? lockdep_init_map_type+0x2c7/0x780 [ 1552.231373] ? __raw_spin_lock_init+0x36/0x110 [ 1552.231761] v9fs_session_init+0x1dd/0x1680 [ 1552.233220] ? lock_release+0x680/0x680 [ 1552.233563] ? kmem_cache_alloc_trace+0x151/0x320 [ 1552.233974] ? v9fs_show_options+0x690/0x690 [ 1552.235445] ? trace_hardirqs_on+0x5b/0x180 [ 1552.235813] ? kasan_unpoison_shadow+0x33/0x50 [ 1552.237313] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1552.237745] v9fs_mount+0x79/0x8f0 [ 1552.238047] ? v9fs_write_inode+0x60/0x60 [ 1552.239490] legacy_get_tree+0x105/0x220 [ 1552.239837] vfs_get_tree+0x8e/0x300 [ 1552.240161] path_mount+0x1429/0x2120 [ 1552.241581] ? strncpy_from_user+0x9e/0x470 [ 1552.241943] ? finish_automount+0xa90/0xa90 [ 1552.242309] ? getname_flags.part.0+0x1dd/0x4f0 [ 1552.243798] ? _copy_from_user+0xfb/0x1b0 [ 1552.244168] __x64_sys_mount+0x282/0x300 [ 1552.244511] ? copy_mnt_ns+0xa00/0xa00 [ 1552.245940] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1552.246383] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1552.247912] do_syscall_64+0x33/0x40 [ 1552.249084] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1552.249515] RIP: 0033:0x7f78e3094b19 [ 1552.249837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1552.254608] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1552.255265] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1552.255866] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1552.256671] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1552.257265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1552.258958] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:12:08 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x27b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:08 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x97ffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:08 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa30, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xdda6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:08 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6ad, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:08 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000300)={0x8, 0x8001, 0xfa6d, 0x8, 0x8, "42ec34975c2109a5b73570b72507e905f2f557", 0x28b, 0x106}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) creat(&(0x7f0000000000)='./file1\x00', 0x90) r3 = signalfd4(r1, &(0x7f0000000280)={[0x2]}, 0x8, 0x80000) ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f0000000340)={0x80000001, 0x401, 0x1000000, 0x1, 0x4, "eecadf0b333caae8f760f86860e79f1fa7ad5f", 0x9, 0x4}) openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x10801, 0x0) r4 = openat$null(0xffffffffffffff9c, &(0x7f00000002c0), 0x1a1002, 0x0) openat$incfs(r4, &(0x7f0000000240)='.log\x00', 0x105000, 0x100) bind$inet(0xffffffffffffffff, &(0x7f0000000380)={0x2, 0x4e24, @private=0xa010102}, 0x10) 14:12:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xdea6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:08 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x944c2, 0x26) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) preadv(r2, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) setsockopt$inet_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f0000000000)=@ccm_128={{0x304}, "440a779dd75e95a6", "3dfebde4ca68cf61043d949ac50d921f", "a1e21b3a", "cb9cb342d7bc7e0f"}, 0x28) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="2c776636fa21460325fcc21f0000008cbf1e2a646e01f0ffffa0d6f52a978669096147bb47e25370c7402d0574224676c43ab7b8271b8e288e0fcce6ef8a1676d16a0ee85bb12eb6c9b7d0a141efd97df59a14d2d43d9b33cde317ffd9637cada3fdf0f9798f7e9bbf54b5d7d611936a298b08590ba724d784392fa4b29df2c8245491f98279d6d0c15621d952544c56b900000000", @ANYRESHEX=r1, @ANYBLOB=',version=9p2000,\x00']) fsopen(&(0x7f0000000100)='virtiofs\x00', 0x0) 14:12:23 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r1 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = fcntl$getown(r0, 0x9) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000380)=0x0) r4 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mknodat$loop(r4, &(0x7f0000000840)='./file1\x00', 0x20, 0x0) preadv(r4, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) r5 = clone3(&(0x7f0000000400)={0x1000, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000200), {0xd}, &(0x7f0000000240), 0x0, &(0x7f0000000280)=""/216, &(0x7f00000003c0)=[r2, r3, r1], 0x3, {r4}}, 0x58) r6 = gettid() timer_create(0x7, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r6}, &(0x7f0000000040)) recvmsg$unix(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000001440)=""/4096, 0x1000}, {&(0x7f0000000640)=""/215, 0xd7}], 0x2, &(0x7f0000000780)=[@cred={{0x1c, 0x1, 0x2, {0x0}}}], 0x20}, 0x2) r8 = gettid() timer_create(0x7, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r8}, &(0x7f0000000040)) clone3(&(0x7f0000000940)={0x10000, &(0x7f0000000240), &(0x7f0000000600), &(0x7f00000004c0), {0x1f}, &(0x7f00000009c0)=""/254, 0xfc, &(0x7f0000002440)=""/102400, &(0x7f0000000800)=[r6, r5, r7, 0xffffffffffffffff, r3], 0x400000000000003d, {r0}}, 0x58) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) r9 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) preadv(r9, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000880)={{0x1, 0x1, 0x18, r9}, './file1\x00'}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r11}, 0x2c, {[{@version_9p2000}]}}) 14:12:23 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x28b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xdfa6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:23 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xa1030000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:23 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 52) 14:12:23 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6ae, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1567.215979] FAULT_INJECTION: forcing a failure. [ 1567.215979] name failslab, interval 1, probability 0, space 0, times 0 [ 1567.217185] CPU: 1 PID: 51316 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1567.217779] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1567.218547] Call Trace: [ 1567.218777] dump_stack+0x107/0x167 [ 1567.219135] should_fail.cold+0x5/0xa [ 1567.219465] ? __kmem_cache_create+0x10e/0x520 [ 1567.219851] should_failslab+0x5/0x20 [ 1567.220240] kmem_cache_alloc_node+0x55/0x330 [ 1567.220626] __kmem_cache_create+0x10e/0x520 [ 1567.221003] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1567.221481] p9_client_create+0xc2b/0x11c0 [ 1567.221846] ? p9_client_flush+0x430/0x430 [ 1567.222280] ? trace_hardirqs_on+0x5b/0x180 [ 1567.222647] ? lockdep_init_map_type+0x2c7/0x780 [ 1567.223095] ? __raw_spin_lock_init+0x36/0x110 [ 1567.223498] v9fs_session_init+0x1dd/0x1680 [ 1567.223864] ? lock_release+0x680/0x680 14:12:23 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa31, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:23 executing program 5: r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x200000a, 0x14012, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x2cf8, &(0x7f0000000900)={0x0, 0x20000000, 0x20, 0x3, 0x124}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000140)) r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r1, 0x8000000) r3 = mmap$IORING_OFF_SQES(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x1000002, 0x10, r1, 0x10000000) syz_io_uring_submit(0x0, r3, 0x0, 0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r0, r3, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x5, 0x0, @fd, 0x1, 0x0, 0x7, 0x3, 0x0, {0x0, r4}}, 0x5) r5 = syz_io_uring_complete(r2) sendmsg$DEVLINK_CMD_PORT_SPLIT(r5, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000340)={&(0x7f0000000440)={0x1a4, 0x0, 0x200, 0x70bd29, 0x25dfdbff, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0x9, 0x8}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0x9, 0x6}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0x9, 0x7}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0x9, 0x2}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0x9, 0x2}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0x9, 0x4}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0x9, 0x5}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8}}]}, 0x1a4}, 0x1, 0x0, 0x0, 0x20000008}, 0x44800) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x8, 0x0, 0x0, 0x0, 0x0, {0x0, r6}}, 0x10000) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_POLL_ADD={0x6, 0x1, 0x0, @fd, 0x0, 0x0, 0x0, {0x1002}, 0x0, {0x0, r6}}, 0x8fb4) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0xfffffeb7, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18, r8, {0x1}}, './file1\x00'}) ioctl$BTRFS_IOC_DEFRAG_RANGE(r9, 0x40309410, &(0x7f0000000180)={0x2, 0x800, 0x0, 0x9, 0x0, [0x7, 0x81, 0x101, 0x9]}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="7472616e733d66643d70523b5a6bf692a549b6cbc27211d2d4566038000d2535fad48907b0cd8591538167f3bb6547c0878661df53696e35add967c6a9aae1ff9e73adeefaab259f2f52992acbcdec1f78971801bb7211c91c9244f7cea6f609e22aed71423b58f64bdead85f1d1807648b6a9aeaef29f6ec6fd8785e802649e578e7c820a67019cd486774ba343be9c74af760bb68855feef1ada1b", @ANYRESHEX=r7, @ANYRES32=r7, @ANYRESHEX=r8, @ANYBLOB=',version=9p2000,\x00']) r10 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) preadv(r10, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) mmap(&(0x7f0000edd000/0x2000)=nil, 0x2000, 0x2000008, 0x20010, r10, 0xce8b1000) [ 1567.224266] ? kmem_cache_alloc_trace+0x151/0x320 [ 1567.224679] ? v9fs_show_options+0x690/0x690 [ 1567.225098] ? trace_hardirqs_on+0x5b/0x180 [ 1567.225632] ? kasan_unpoison_shadow+0x33/0x50 [ 1567.226137] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1567.226574] v9fs_mount+0x79/0x8f0 [ 1567.226879] ? v9fs_write_inode+0x60/0x60 [ 1567.227316] legacy_get_tree+0x105/0x220 [ 1567.227669] vfs_get_tree+0x8e/0x300 [ 1567.227983] path_mount+0x1429/0x2120 [ 1567.228460] ? strncpy_from_user+0x9e/0x470 [ 1567.228825] ? finish_automount+0xa90/0xa90 [ 1567.229246] ? getname_flags.part.0+0x1dd/0x4f0 [ 1567.229640] ? _copy_from_user+0xfb/0x1b0 [ 1567.229995] __x64_sys_mount+0x282/0x300 [ 1567.230386] ? copy_mnt_ns+0xa00/0xa00 [ 1567.230718] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1567.231234] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1567.231670] do_syscall_64+0x33/0x40 [ 1567.231987] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1567.232513] RIP: 0033:0x7f78e3094b19 [ 1567.232861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1567.234915] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1567.235777] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1567.236470] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1567.237213] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1567.237934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1567.238707] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1567.239482] kmem_cache_create(9p-fcall-cache) failed with error -22 [ 1567.240026] CPU: 1 PID: 51316 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1567.240691] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1567.241442] Call Trace: [ 1567.241672] dump_stack+0x107/0x167 [ 1567.241987] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1567.242493] p9_client_create+0xc2b/0x11c0 [ 1567.242860] ? p9_client_flush+0x430/0x430 [ 1567.243304] ? trace_hardirqs_on+0x5b/0x180 [ 1567.243678] ? lockdep_init_map_type+0x2c7/0x780 [ 1567.244139] ? __raw_spin_lock_init+0x36/0x110 [ 1567.244577] v9fs_session_init+0x1dd/0x1680 [ 1567.244951] ? lock_release+0x680/0x680 [ 1567.245352] ? kmem_cache_alloc_trace+0x151/0x320 [ 1567.245761] ? v9fs_show_options+0x690/0x690 [ 1567.246188] ? trace_hardirqs_on+0x5b/0x180 [ 1567.246564] ? kasan_unpoison_shadow+0x33/0x50 [ 1567.246949] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1567.247435] v9fs_mount+0x79/0x8f0 [ 1567.247745] ? v9fs_write_inode+0x60/0x60 [ 1567.248188] legacy_get_tree+0x105/0x220 [ 1567.248578] vfs_get_tree+0x8e/0x300 [ 1567.248899] path_mount+0x1429/0x2120 [ 1567.249279] ? strncpy_from_user+0x9e/0x470 [ 1567.249649] ? finish_automount+0xa90/0xa90 [ 1567.250018] ? getname_flags.part.0+0x1dd/0x4f0 [ 1567.250462] ? _copy_from_user+0xfb/0x1b0 [ 1567.250823] __x64_sys_mount+0x282/0x300 [ 1567.251222] ? copy_mnt_ns+0xa00/0xa00 [ 1567.251563] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1567.252012] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1567.252511] do_syscall_64+0x33/0x40 [ 1567.252833] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1567.253342] RIP: 0033:0x7f78e3094b19 [ 1567.253660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1567.255776] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1567.256479] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1567.257176] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1567.257839] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1567.258526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1567.259233] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:12:23 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaea8237b, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xdff0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:23 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6af, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:23 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa32, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:23 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) r2 = syz_io_uring_setup(0x4d4f, &(0x7f0000000900), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000140)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r2, 0x8000000) mmap$IORING_OFF_SQES(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x1000002, 0x10, r2, 0x10000000) fstatfs(r2, &(0x7f0000000200)=""/123) 14:12:23 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x29b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:23 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 53) [ 1567.597001] FAULT_INJECTION: forcing a failure. [ 1567.597001] name failslab, interval 1, probability 0, space 0, times 0 [ 1567.598104] CPU: 0 PID: 52499 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1567.598694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1567.599394] Call Trace: [ 1567.599627] dump_stack+0x107/0x167 [ 1567.599945] should_fail.cold+0x5/0xa [ 1567.600296] ? create_object.isra.0+0x3a/0xa20 [ 1567.600692] should_failslab+0x5/0x20 [ 1567.601018] kmem_cache_alloc+0x5b/0x310 [ 1567.601370] create_object.isra.0+0x3a/0xa20 [ 1567.601749] kmemleak_alloc_percpu+0xa0/0x100 [ 1567.602132] pcpu_alloc+0x4e2/0x1240 [ 1567.602467] __kmem_cache_create+0x35a/0x520 [ 1567.602848] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1567.603279] p9_client_create+0xc2b/0x11c0 [ 1567.603646] ? p9_client_flush+0x430/0x430 [ 1567.604011] ? trace_hardirqs_on+0x5b/0x180 [ 1567.604399] ? lockdep_init_map_type+0x2c7/0x780 [ 1567.604808] ? __raw_spin_lock_init+0x36/0x110 [ 1567.605200] v9fs_session_init+0x1dd/0x1680 [ 1567.605572] ? lock_release+0x680/0x680 [ 1567.605919] ? kmem_cache_alloc_trace+0x151/0x320 [ 1567.606332] ? v9fs_show_options+0x690/0x690 [ 1567.606714] ? trace_hardirqs_on+0x5b/0x180 [ 1567.607085] ? kasan_unpoison_shadow+0x33/0x50 [ 1567.607476] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1567.607914] v9fs_mount+0x79/0x8f0 [ 1567.608232] ? v9fs_write_inode+0x60/0x60 [ 1567.608601] legacy_get_tree+0x105/0x220 [ 1567.608952] vfs_get_tree+0x8e/0x300 [ 1567.609274] path_mount+0x1429/0x2120 [ 1567.609608] ? strncpy_from_user+0x9e/0x470 [ 1567.609976] ? finish_automount+0xa90/0xa90 [ 1567.610349] ? getname_flags.part.0+0x1dd/0x4f0 [ 1567.610745] ? _copy_from_user+0xfb/0x1b0 [ 1567.611103] __x64_sys_mount+0x282/0x300 [ 1567.611452] ? copy_mnt_ns+0xa00/0xa00 [ 1567.611790] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1567.612258] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1567.612705] do_syscall_64+0x33/0x40 [ 1567.613028] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1567.613468] RIP: 0033:0x7f78e3094b19 [ 1567.613791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1567.615348] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1567.616002] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1567.616631] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1567.617239] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1567.617846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1567.618456] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:12:37 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 54) 14:12:37 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xc0ed0000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:37 executing program 1: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000200)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x0) dup2(r0, r0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000ff3000/0xa000)=nil, 0xa000}, 0x2) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_io_uring_setup(0x4d4f, &(0x7f0000000900), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000140)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r1, 0x8000000) mmap$IORING_OFF_SQES(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x1000002, 0x10, r1, 0x10000000) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r1, 0xf502, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="7462616e733d66026e6f3df800f500", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',version=9p2000,\x00']) 14:12:37 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe0a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:37 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = dup2(r0, r2) sendmsg$NL80211_CMD_SET_REG(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r1, 0x200, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x4}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r2) r4 = syz_io_uring_setup(0x4d4f, &(0x7f0000000900), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000140)) r5 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) preadv(r5, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) r6 = openat$sr(0xffffffffffffff9c, &(0x7f00000003c0), 0x80002, 0x0) sendmsg$NL80211_CMD_DEL_KEY(r6, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000600)={0xa4, r1, 0x100, 0x70bd26, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "1fd6b21073"}, @NL80211_ATTR_KEY={0x54, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_SEQ={0x9, 0x4, "7ac82b7d03"}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "b83449d4bc"}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "4e26b6c73e"}, @NL80211_KEY_SEQ={0x7, 0x4, "e89a30"}, @NL80211_KEY_SEQ={0x14, 0x4, "3e26a6c9890bfee3a1587f307774beba"}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_MODE={0x5}]}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY_TYPE={0x8}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000000}, 0x24004000) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, r3, {0xee01, 0xee00}}, './file1\x00'}) lstat(&(0x7f0000000200)='./file1\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x20, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, r7}}], [{@smackfsroot={'smackfsroot', 0x3d, 'aa\x00'}}, {@obj_role}, {@uid_eq={'uid', 0x3d, r8}}, {@audit}, {@fowner_lt={'fowner<', 0xee00}}]}}) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r4, 0x8000000) mmap$IORING_OFF_SQES(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x1000002, 0x10, r4, 0x10000000) pidfd_getfd(0xffffffffffffffff, r4, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3d42d83b77edc62bb1999a0281d01ca9b412cb6594b93623445a34748a0ab3f997b045273f16686355279a8eb02c6062cc143cb4cb7956cb0360263c6bd7e281d6e05df0c4a76f3d9fbc0b47fc1d327f9a74fe7246a91a39de9eabfb239da630d9486f6b16d21f54bd4c3ef8d6baa47a2265d754df8f1cb9b960733e826ae3cde073d4adb5b970abef821be4a9bffc2b352fca43c7b0b9be70b1f32567be2a765a82099277f797b63ae7d9702f89a2b932cf073e0d83b2fdba8132a1eb019656734fe576feecb733e420e7be703e27e20976daf82642", @ANYRESHEX=r9, @ANYBLOB=',wfdno=', @ANYRESHEX=r10, @ANYBLOB=',version=9p2000,\x00']) 14:12:37 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6b0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:37 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa33, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:37 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2ab9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1581.641002] FAULT_INJECTION: forcing a failure. [ 1581.641002] name failslab, interval 1, probability 0, space 0, times 0 [ 1581.642277] CPU: 0 PID: 52702 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1581.642978] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1581.643827] Call Trace: [ 1581.644061] dump_stack+0x107/0x167 [ 1581.644394] should_fail.cold+0x5/0xa [ 1581.644817] ? create_object.isra.0+0x3a/0xa20 [ 1581.645210] should_failslab+0x5/0x20 [ 1581.645625] kmem_cache_alloc+0x5b/0x310 [ 1581.645981] create_object.isra.0+0x3a/0xa20 [ 1581.646364] kmemleak_alloc_percpu+0xa0/0x100 [ 1581.646864] pcpu_alloc+0x4e2/0x1240 [ 1581.647202] __kmem_cache_create+0x35a/0x520 [ 1581.647701] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1581.648129] p9_client_create+0xc2b/0x11c0 [ 1581.648554] ? p9_client_flush+0x430/0x430 [ 1581.648965] ? trace_hardirqs_on+0x5b/0x180 [ 1581.649338] ? lockdep_init_map_type+0x2c7/0x780 [ 1581.649835] ? __raw_spin_lock_init+0x36/0x110 [ 1581.650230] v9fs_session_init+0x1dd/0x1680 [ 1581.650716] ? lock_release+0x680/0x680 [ 1581.651061] ? kmem_cache_alloc_trace+0x151/0x320 [ 1581.651522] ? v9fs_show_options+0x690/0x690 [ 1581.651973] ? trace_hardirqs_on+0x5b/0x180 [ 1581.652354] ? kasan_unpoison_shadow+0x33/0x50 [ 1581.652837] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1581.653280] v9fs_mount+0x79/0x8f0 [ 1581.653680] ? v9fs_write_inode+0x60/0x60 [ 1581.654034] legacy_get_tree+0x105/0x220 [ 1581.654383] vfs_get_tree+0x8e/0x300 [ 1581.654816] path_mount+0x1429/0x2120 [ 1581.655151] ? strncpy_from_user+0x9e/0x470 [ 1581.655630] ? finish_automount+0xa90/0xa90 [ 1581.656013] ? getname_flags.part.0+0x1dd/0x4f0 [ 1581.656458] ? _copy_from_user+0xfb/0x1b0 [ 1581.656869] __x64_sys_mount+0x282/0x300 [ 1581.657215] ? copy_mnt_ns+0xa00/0xa00 [ 1581.657636] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1581.658078] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1581.658634] do_syscall_64+0x33/0x40 [ 1581.658957] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1581.659394] RIP: 0033:0x7f78e3094b19 [ 1581.659798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1581.661507] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1581.662187] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1581.662895] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1581.663538] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1581.664175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1581.664876] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:12:37 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6b1, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:37 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2bb9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:38 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa34, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:38 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe1a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:38 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xc2000000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:38 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x2010, r0, 0x0) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000080)={&(0x7f0000000000)=""/64, 0x40, 0x100, 0x7fffffff}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) 14:12:38 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 55) [ 1581.953723] FAULT_INJECTION: forcing a failure. [ 1581.953723] name failslab, interval 1, probability 0, space 0, times 0 [ 1581.954773] CPU: 1 PID: 53845 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1581.955364] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1581.956062] Call Trace: [ 1581.956299] dump_stack+0x107/0x167 [ 1581.956628] should_fail.cold+0x5/0xa [ 1581.956960] ? __kernfs_new_node+0xd4/0x860 [ 1581.957333] should_failslab+0x5/0x20 [ 1581.957659] kmem_cache_alloc+0x5b/0x310 [ 1581.958008] __kernfs_new_node+0xd4/0x860 [ 1581.958371] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1581.958784] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1581.959237] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1581.959685] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1581.960142] kernfs_new_node+0x18d/0x250 [ 1581.960512] kernfs_create_dir_ns+0x49/0x160 [ 1581.960889] sysfs_create_dir_ns+0x127/0x290 [ 1581.961269] ? sysfs_create_mount_point+0xb0/0xb0 [ 1581.961679] ? rwlock_bug.part.0+0x90/0x90 [ 1581.962043] ? do_raw_spin_unlock+0x4f/0x220 [ 1581.962425] kobject_add_internal+0x25e/0xa30 [ 1581.962814] kobject_init_and_add+0x101/0x160 [ 1581.963197] ? kobject_create_and_add+0xb0/0xb0 [ 1581.963601] ? wait_for_completion_io+0x270/0x270 [ 1581.964010] ? kernfs_name_hash+0xe7/0x110 [ 1581.964382] ? kernfs_find_ns+0x256/0x380 [ 1581.964749] sysfs_slab_add+0x172/0x200 [ 1581.965094] __kmem_cache_create+0x3db/0x520 [ 1581.965475] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1581.965904] p9_client_create+0xc2b/0x11c0 [ 1581.966274] ? p9_client_flush+0x430/0x430 [ 1581.966637] ? trace_hardirqs_on+0x5b/0x180 [ 1581.967005] ? lockdep_init_map_type+0x2c7/0x780 [ 1581.967417] ? __raw_spin_lock_init+0x36/0x110 [ 1581.967813] v9fs_session_init+0x1dd/0x1680 [ 1581.968181] ? lock_release+0x680/0x680 [ 1581.968539] ? kmem_cache_alloc_trace+0x151/0x320 [ 1581.968953] ? v9fs_show_options+0x690/0x690 [ 1581.969334] ? trace_hardirqs_on+0x5b/0x180 [ 1581.969708] ? kasan_unpoison_shadow+0x33/0x50 [ 1581.970099] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1581.970537] v9fs_mount+0x79/0x8f0 [ 1581.970843] ? v9fs_write_inode+0x60/0x60 [ 1581.971202] legacy_get_tree+0x105/0x220 [ 1581.971557] vfs_get_tree+0x8e/0x300 [ 1581.971875] path_mount+0x1429/0x2120 [ 1581.972206] ? strncpy_from_user+0x9e/0x470 [ 1581.972595] ? finish_automount+0xa90/0xa90 [ 1581.972971] ? getname_flags.part.0+0x1dd/0x4f0 [ 1581.973377] ? _copy_from_user+0xfb/0x1b0 [ 1581.973740] __x64_sys_mount+0x282/0x300 [ 1581.974090] ? copy_mnt_ns+0xa00/0xa00 [ 1581.974431] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1581.974884] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1581.975331] do_syscall_64+0x33/0x40 [ 1581.975652] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1581.976092] RIP: 0033:0x7f78e3094b19 [ 1581.976428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1581.977997] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1581.978654] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1581.979262] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1581.979875] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1581.980498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1581.981103] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1581.981871] kobject_add_internal failed for 9p-fcall-cache (error: -12 parent: slab) [ 1581.982599] kmem_cache_create(9p-fcall-cache) failed with error -12 [ 1581.983145] CPU: 1 PID: 53845 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1581.983736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1581.984456] Call Trace: [ 1581.984686] dump_stack+0x107/0x167 [ 1581.985001] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1581.985456] p9_client_create+0xc2b/0x11c0 [ 1581.985830] ? p9_client_flush+0x430/0x430 [ 1581.986195] ? trace_hardirqs_on+0x5b/0x180 [ 1581.986569] ? lockdep_init_map_type+0x2c7/0x780 [ 1581.986981] ? __raw_spin_lock_init+0x36/0x110 [ 1581.987376] v9fs_session_init+0x1dd/0x1680 [ 1581.987759] ? lock_release+0x680/0x680 [ 1581.988112] ? kmem_cache_alloc_trace+0x151/0x320 [ 1581.988546] ? v9fs_show_options+0x690/0x690 [ 1581.988932] ? trace_hardirqs_on+0x5b/0x180 [ 1581.989310] ? kasan_unpoison_shadow+0x33/0x50 [ 1581.989704] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1581.990142] v9fs_mount+0x79/0x8f0 [ 1581.990461] ? v9fs_write_inode+0x60/0x60 [ 1581.990819] legacy_get_tree+0x105/0x220 [ 1581.991168] vfs_get_tree+0x8e/0x300 [ 1581.991489] path_mount+0x1429/0x2120 [ 1581.991817] ? strncpy_from_user+0x9e/0x470 [ 1581.992189] ? finish_automount+0xa90/0xa90 [ 1581.992578] ? getname_flags.part.0+0x1dd/0x4f0 [ 1581.992978] ? _copy_from_user+0xfb/0x1b0 [ 1581.993343] __x64_sys_mount+0x282/0x300 [ 1581.993693] ? copy_mnt_ns+0xa00/0xa00 [ 1581.994033] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1581.994488] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1581.994930] do_syscall_64+0x33/0x40 [ 1581.995251] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1581.995688] RIP: 0033:0x7f78e3094b19 [ 1581.996016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1581.997587] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1581.998243] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1581.998855] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1581.999456] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1582.000065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1582.000688] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:12:51 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2cb9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:51 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xdb980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:51 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 56) 14:12:51 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe2a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:51 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r1 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_io_uring_setup(0x30a6, &(0x7f0000000840)={0x0, 0x7897, 0x4, 0x0, 0x26, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000940), &(0x7f0000000980)) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f00000003c0)) fsetxattr$security_evm(r0, &(0x7f00000007c0), &(0x7f0000000800)=@md5={0x1, "09e9f0c9ec9bb0a5bfc306e440b8d3ce"}, 0x11, 0x3) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000440), 0xd781, 0x0) clone3(&(0x7f0000000480)={0x100, &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000200)=0x0, {0x29}, &(0x7f0000000240)=""/178, 0xb2, &(0x7f0000000300)=""/149, &(0x7f0000000400)=[r1], 0x1, {r2}}, 0xfe4c) r4 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x200200, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x2010, r4, 0x0) clone3(&(0x7f0000000740)={0x800, &(0x7f0000000500), &(0x7f0000000540), &(0x7f0000000580), {0xe}, &(0x7f00000005c0)=""/75, 0x4b, &(0x7f0000000640)=""/167, &(0x7f0000000700)=[r3], 0x1, {r4}}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x100000, &(0x7f00000009c0)=ANY=[@ANYBLOB="747792af0042890002000000", @ANYRESOCT, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',version=9p2000,\x00']) 14:12:51 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6b2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:51 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa35, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:51 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup3(r0, r0, 0x80000) recvfrom$unix(r1, &(0x7f0000000000)=""/62, 0x3e, 0x2, 0x0, 0x0) [ 1595.601959] FAULT_INJECTION: forcing a failure. [ 1595.601959] name failslab, interval 1, probability 0, space 0, times 0 [ 1595.603100] CPU: 1 PID: 54028 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1595.603723] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1595.604621] Call Trace: [ 1595.604875] dump_stack+0x107/0x167 [ 1595.605193] should_fail.cold+0x5/0xa [ 1595.605549] ? __kernfs_new_node+0xd4/0x860 [ 1595.605928] should_failslab+0x5/0x20 [ 1595.606261] kmem_cache_alloc+0x5b/0x310 [ 1595.606627] __kernfs_new_node+0xd4/0x860 [ 1595.606992] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1595.607414] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1595.608024] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1595.608484] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1595.608981] kernfs_new_node+0x18d/0x250 [ 1595.609342] kernfs_create_dir_ns+0x49/0x160 [ 1595.609740] sysfs_create_dir_ns+0x127/0x290 [ 1595.610120] ? sysfs_create_mount_point+0xb0/0xb0 [ 1595.610570] ? rwlock_bug.part.0+0x90/0x90 [ 1595.610988] ? do_raw_spin_unlock+0x4f/0x220 [ 1595.611401] kobject_add_internal+0x25e/0xa30 [ 1595.611840] kobject_init_and_add+0x101/0x160 [ 1595.612251] ? kobject_create_and_add+0xb0/0xb0 [ 1595.612676] ? wait_for_completion_io+0x270/0x270 [ 1595.613118] ? kernfs_name_hash+0xe7/0x110 [ 1595.613631] ? kernfs_find_ns+0x256/0x380 [ 1595.614017] sysfs_slab_add+0x172/0x200 [ 1595.614369] __kmem_cache_create+0x3db/0x520 [ 1595.614755] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1595.615200] p9_client_create+0xc2b/0x11c0 [ 1595.615577] ? p9_client_flush+0x430/0x430 [ 1595.615946] ? trace_hardirqs_on+0x5b/0x180 [ 1595.616333] ? lockdep_init_map_type+0x2c7/0x780 [ 1595.616765] ? __raw_spin_lock_init+0x36/0x110 [ 1595.617179] v9fs_session_init+0x1dd/0x1680 [ 1595.617553] ? lock_release+0x680/0x680 [ 1595.617908] ? kmem_cache_alloc_trace+0x151/0x320 [ 1595.618441] ? v9fs_show_options+0x690/0x690 [ 1595.618908] ? trace_hardirqs_on+0x5b/0x180 [ 1595.619304] ? kasan_unpoison_shadow+0x33/0x50 [ 1595.619704] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1595.620144] v9fs_mount+0x79/0x8f0 [ 1595.620467] ? v9fs_write_inode+0x60/0x60 [ 1595.620845] legacy_get_tree+0x105/0x220 [ 1595.621201] vfs_get_tree+0x8e/0x300 [ 1595.621537] path_mount+0x1429/0x2120 [ 1595.621871] ? strncpy_from_user+0x9e/0x470 [ 1595.622244] ? finish_automount+0xa90/0xa90 [ 1595.622627] ? getname_flags.part.0+0x1dd/0x4f0 [ 1595.623030] ? _copy_from_user+0xfb/0x1b0 [ 1595.623617] __x64_sys_mount+0x282/0x300 [ 1595.624018] ? copy_mnt_ns+0xa00/0xa00 [ 1595.624363] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1595.624846] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1595.625296] do_syscall_64+0x33/0x40 [ 1595.625629] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1595.626072] RIP: 0033:0x7f78e3094b19 [ 1595.626398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1595.628142] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1595.628848] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1595.629461] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1595.630127] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1595.630882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1595.631636] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1595.632912] kobject_add_internal failed for 9p-fcall-cache (error: -12 parent: slab) [ 1595.634818] kmem_cache_create(9p-fcall-cache) failed with error -12 [ 1595.636441] CPU: 1 PID: 54028 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1595.638047] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1595.640187] Call Trace: [ 1595.640650] dump_stack+0x107/0x167 [ 1595.640970] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1595.641425] p9_client_create+0xc2b/0x11c0 [ 1595.641806] ? p9_client_flush+0x430/0x430 [ 1595.642170] ? trace_hardirqs_on+0x5b/0x180 [ 1595.642556] ? lockdep_init_map_type+0x2c7/0x780 [ 1595.643041] ? __raw_spin_lock_init+0x36/0x110 [ 1595.643534] v9fs_session_init+0x1dd/0x1680 [ 1595.643924] ? lock_release+0x680/0x680 [ 1595.644272] ? kmem_cache_alloc_trace+0x151/0x320 [ 1595.645018] ? v9fs_show_options+0x690/0x690 [ 1595.646187] ? trace_hardirqs_on+0x5b/0x180 [ 1595.647154] ? kasan_unpoison_shadow+0x33/0x50 [ 1595.648178] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1595.649333] v9fs_mount+0x79/0x8f0 [ 1595.650125] ? v9fs_write_inode+0x60/0x60 [ 1595.651340] legacy_get_tree+0x105/0x220 [ 1595.655174] vfs_get_tree+0x8e/0x300 [ 1595.656408] path_mount+0x1429/0x2120 [ 1595.664690] ? strncpy_from_user+0x9e/0x470 [ 1595.665217] ? finish_automount+0xa90/0xa90 [ 1595.665619] ? getname_flags.part.0+0x1dd/0x4f0 [ 1595.666121] ? _copy_from_user+0xfb/0x1b0 [ 1595.666516] __x64_sys_mount+0x282/0x300 [ 1595.666891] ? copy_mnt_ns+0xa00/0xa00 [ 1595.667334] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1595.667824] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1595.668379] do_syscall_64+0x33/0x40 [ 1595.668740] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1595.669315] RIP: 0033:0x7f78e3094b19 [ 1595.669681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1595.672188] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1595.673160] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1595.673822] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1595.674507] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1595.675216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1595.675874] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:12:51 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xdc980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:51 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa36, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1595.801300] FAULT_INJECTION: forcing a failure. [ 1595.801300] name failslab, interval 1, probability 0, space 0, times 0 [ 1595.802619] CPU: 0 PID: 54786 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1595.803208] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1595.803907] Call Trace: [ 1595.804141] dump_stack+0x107/0x167 [ 1595.804458] should_fail.cold+0x5/0xa [ 1595.804804] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1595.805298] should_failslab+0x5/0x20 [ 1595.805625] kmem_cache_alloc+0x5b/0x310 [ 1595.805981] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1595.806462] idr_get_free+0x4b5/0x8f0 [ 1595.806801] idr_alloc_u32+0x170/0x2d0 [ 1595.807142] ? __fprop_inc_percpu_max+0x130/0x130 [ 1595.807558] ? lock_acquire+0x197/0x470 [ 1595.807906] ? __kernfs_new_node+0xff/0x860 [ 1595.808281] idr_alloc_cyclic+0x102/0x230 [ 1595.808645] ? idr_alloc+0x130/0x130 [ 1595.808966] ? rwlock_bug.part.0+0x90/0x90 [ 1595.809339] __kernfs_new_node+0x117/0x860 [ 1595.809705] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1595.810112] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1595.810559] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1595.811007] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1595.811470] kernfs_new_node+0x18d/0x250 [ 1595.811824] kernfs_create_dir_ns+0x49/0x160 [ 1595.812202] sysfs_create_dir_ns+0x127/0x290 [ 1595.812594] ? sysfs_create_mount_point+0xb0/0xb0 [ 1595.813016] ? rwlock_bug.part.0+0x90/0x90 [ 1595.813390] ? do_raw_spin_unlock+0x4f/0x220 [ 1595.813770] kobject_add_internal+0x25e/0xa30 [ 1595.814160] kobject_init_and_add+0x101/0x160 [ 1595.814547] ? kobject_create_and_add+0xb0/0xb0 [ 1595.814946] ? wait_for_completion_io+0x270/0x270 [ 1595.815357] ? kernfs_name_hash+0xe7/0x110 [ 1595.815723] ? kernfs_find_ns+0x256/0x380 [ 1595.816081] sysfs_slab_add+0x172/0x200 [ 1595.816422] __kmem_cache_create+0x3db/0x520 [ 1595.816823] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1595.817256] p9_client_create+0xc2b/0x11c0 [ 1595.817624] ? p9_client_flush+0x430/0x430 [ 1595.817984] ? trace_hardirqs_on+0x5b/0x180 [ 1595.818354] ? lockdep_init_map_type+0x2c7/0x780 [ 1595.818764] ? __raw_spin_lock_init+0x36/0x110 [ 1595.819164] v9fs_session_init+0x1dd/0x1680 [ 1595.819537] ? lock_release+0x680/0x680 [ 1595.819892] ? kmem_cache_alloc_trace+0x151/0x320 [ 1595.820314] ? v9fs_show_options+0x690/0x690 [ 1595.820714] ? trace_hardirqs_on+0x5b/0x180 [ 1595.821095] ? kasan_unpoison_shadow+0x33/0x50 [ 1595.821486] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1595.821926] v9fs_mount+0x79/0x8f0 [ 1595.822239] ? v9fs_write_inode+0x60/0x60 [ 1595.822600] legacy_get_tree+0x105/0x220 [ 1595.822953] vfs_get_tree+0x8e/0x300 [ 1595.823277] path_mount+0x1429/0x2120 [ 1595.823607] ? strncpy_from_user+0x9e/0x470 [ 1595.823985] ? finish_automount+0xa90/0xa90 [ 1595.824364] ? getname_flags.part.0+0x1dd/0x4f0 [ 1595.824787] ? _copy_from_user+0xfb/0x1b0 [ 1595.825157] __x64_sys_mount+0x282/0x300 [ 1595.825509] ? copy_mnt_ns+0xa00/0xa00 [ 1595.825855] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1595.826312] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1595.826759] do_syscall_64+0x33/0x40 [ 1595.827076] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1595.827516] RIP: 0033:0x7f78e3094b19 [ 1595.827835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1595.829410] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1595.830068] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1595.830677] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1595.831287] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1595.831894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1595.832521] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:12:52 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 57) 14:12:52 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x101) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x240086, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}, {@aname={'aname', 0x3d, '\xde#$%\x93B.'}}]}}) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0x6}}, './file1\x00'}) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f0000000100)={{0x1, 0x1, 0x18, r3, {0x1}}, './file1\x00'}) 14:12:52 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2db9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:52 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6b3, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:52 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe3a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:52 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xdd980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:52 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r1 = syz_io_uring_setup(0x4d4e, &(0x7f0000000900)={0x0, 0x26d, 0x0, 0x0, 0x13}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000140)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r1, 0x8000000) mmap$IORING_OFF_SQES(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x1000002, 0x10, r1, 0x10000000) fallocate(r1, 0xc, 0xffffffff80000001, 0x40) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) preadv(r2, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x448004, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x3) preadv(r3, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f00000003c0)={r3, 0x293, 0x40, 0xff}) r4 = gettid() timer_create(0x7, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r4}, &(0x7f0000000040)) clone3(&(0x7f0000000340)={0xc0010400, &(0x7f0000000080), &(0x7f0000000200), &(0x7f0000000240), {0x5}, &(0x7f0000000280)=""/22, 0x16, &(0x7f00000002c0)=""/22, &(0x7f0000000300)}, 0x58) mknodat(r0, &(0x7f0000000000)='./file1\x00', 0x400, 0xfff) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='drans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r6, @ANYBLOB="2c76547273696f6e1d3970326fdc5adf00"]) 14:12:52 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = openat$cgroup_ro(r0, &(0x7f0000000200)='blkio.bfq.time\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r2, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x1d}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000240)={{0x1, 0x1, 0x18, r3}, './file1\x00'}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@version_9p2000}]}}) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) sendfile(r6, r5, &(0x7f0000000080)=0x2, 0x5) 14:12:52 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa37, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:52 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6b4, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:52 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2e00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:12:52 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe4a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:05 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 58) 14:13:05 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe5a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:05 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2eb9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:05 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6b5, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:05 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xde980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:05 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa38, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:05 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {r0}}, './file1\x00'}) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x2010, r2, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2, {0x3, 0x101}}, './file1\x00'}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@version_9p2000}]}}) [ 1609.787133] FAULT_INJECTION: forcing a failure. [ 1609.787133] name failslab, interval 1, probability 0, space 0, times 0 [ 1609.788385] CPU: 1 PID: 56127 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1609.789069] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1609.789931] Call Trace: [ 1609.790209] dump_stack+0x107/0x167 [ 1609.790585] should_fail.cold+0x5/0xa [ 1609.790991] ? create_object.isra.0+0x3a/0xa20 [ 1609.791466] should_failslab+0x5/0x20 [ 1609.791859] kmem_cache_alloc+0x5b/0x310 [ 1609.792289] create_object.isra.0+0x3a/0xa20 [ 1609.792736] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1609.793271] kmem_cache_alloc+0x159/0x310 [ 1609.793713] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1609.794300] idr_get_free+0x4b5/0x8f0 [ 1609.794707] idr_alloc_u32+0x170/0x2d0 [ 1609.795118] ? __fprop_inc_percpu_max+0x130/0x130 [ 1609.795628] ? lock_acquire+0x197/0x470 [ 1609.796051] ? __kernfs_new_node+0xff/0x860 [ 1609.796513] idr_alloc_cyclic+0x102/0x230 [ 1609.796905] ? idr_alloc+0x130/0x130 [ 1609.797225] ? rwlock_bug.part.0+0x90/0x90 [ 1609.797597] __kernfs_new_node+0x117/0x860 [ 1609.797963] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1609.798371] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1609.798820] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1609.799271] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1609.799730] kernfs_new_node+0x18d/0x250 [ 1609.800083] kernfs_create_dir_ns+0x49/0x160 [ 1609.800460] sysfs_create_dir_ns+0x127/0x290 [ 1609.800848] ? sysfs_create_mount_point+0xb0/0xb0 [ 1609.801260] ? rwlock_bug.part.0+0x90/0x90 [ 1609.801627] ? do_raw_spin_unlock+0x4f/0x220 [ 1609.802005] kobject_add_internal+0x25e/0xa30 [ 1609.802395] kobject_init_and_add+0x101/0x160 [ 1609.802780] ? kobject_create_and_add+0xb0/0xb0 [ 1609.803181] ? wait_for_completion_io+0x270/0x270 [ 1609.803591] ? kernfs_name_hash+0xe7/0x110 [ 1609.803956] ? kernfs_find_ns+0x256/0x380 [ 1609.804317] sysfs_slab_add+0x172/0x200 [ 1609.804668] __kmem_cache_create+0x3db/0x520 [ 1609.805054] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1609.805487] p9_client_create+0xc2b/0x11c0 [ 1609.805857] ? p9_client_flush+0x430/0x430 [ 1609.806221] ? trace_hardirqs_on+0x5b/0x180 [ 1609.806591] ? lockdep_init_map_type+0x2c7/0x780 [ 1609.807000] ? __raw_spin_lock_init+0x36/0x110 [ 1609.807395] v9fs_session_init+0x1dd/0x1680 [ 1609.807764] ? lock_release+0x680/0x680 [ 1609.808112] ? kmem_cache_alloc_trace+0x151/0x320 [ 1609.808523] ? v9fs_show_options+0x690/0x690 [ 1609.808920] ? trace_hardirqs_on+0x5b/0x180 [ 1609.809291] ? kasan_unpoison_shadow+0x33/0x50 [ 1609.809682] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1609.810119] v9fs_mount+0x79/0x8f0 [ 1609.810427] ? v9fs_write_inode+0x60/0x60 [ 1609.810784] legacy_get_tree+0x105/0x220 [ 1609.811134] vfs_get_tree+0x8e/0x300 [ 1609.811455] path_mount+0x1429/0x2120 [ 1609.811786] ? strncpy_from_user+0x9e/0x470 [ 1609.812154] ? finish_automount+0xa90/0xa90 [ 1609.812524] ? getname_flags.part.0+0x1dd/0x4f0 [ 1609.812934] ? _copy_from_user+0xfb/0x1b0 [ 1609.813294] __x64_sys_mount+0x282/0x300 [ 1609.813642] ? copy_mnt_ns+0xa00/0xa00 [ 1609.813978] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1609.814425] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1609.814865] do_syscall_64+0x33/0x40 [ 1609.815183] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1609.815623] RIP: 0033:0x7f78e3094b19 [ 1609.815944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1609.817502] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1609.818148] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1609.818751] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1609.819353] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1609.819955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1609.820555] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:13:05 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) write$binfmt_elf64(r0, &(0x7f0000000200)={{0x7f, 0x45, 0x4c, 0x46, 0x9, 0x1a, 0x67, 0x7, 0x9, 0x2, 0x3e, 0x9, 0x2dc, 0x40, 0x6c, 0x2, 0xe693, 0x38, 0x1, 0x2, 0xff5c, 0x4}, [{0x6474e551, 0x0, 0x200, 0x0, 0x5, 0xffff, 0x10001, 0x9}, {0x0, 0x1, 0x0, 0x9, 0x7, 0x0, 0x2, 0x1}], "8230dce69cf6f65c23f7913e53d4da01b13c64d3cf2616814a59c4541d6aa6348c852d96740e7002a5db619a61b67f935c6d0cc7365b5d11cbece0e9e837e8", ['\x00']}, 0x1ef) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) 14:13:06 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe6a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:20 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$EXT4_IOC_GROUP_EXTEND(r2, 0x40086607, &(0x7f0000000000)=0x5) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:20 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xdf980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:20 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe7a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:20 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cgroup_subtree(r0, &(0x7f0000000000), 0x2, 0x0) sendfile(r3, r1, &(0x7f0000000080)=0x7, 0x4) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) 14:13:20 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x2fb9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:20 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6b6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:20 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa39, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:20 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 59) 14:13:20 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa3a, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:20 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe8a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:20 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe0980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:20 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x30b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1624.706781] FAULT_INJECTION: forcing a failure. [ 1624.706781] name failslab, interval 1, probability 0, space 0, times 0 [ 1624.708613] CPU: 0 PID: 56978 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1624.710086] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1624.711522] Call Trace: [ 1624.711981] dump_stack+0x107/0x167 [ 1624.712611] should_fail.cold+0x5/0xa [ 1624.713083] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1624.713580] should_failslab+0x5/0x20 [ 1624.713907] kmem_cache_alloc+0x5b/0x310 [ 1624.714262] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1624.714741] idr_get_free+0x4b5/0x8f0 [ 1624.715077] idr_alloc_u32+0x170/0x2d0 [ 1624.715412] ? __fprop_inc_percpu_max+0x130/0x130 [ 1624.715830] ? lock_acquire+0x197/0x470 [ 1624.716172] ? __kernfs_new_node+0xff/0x860 [ 1624.716546] idr_alloc_cyclic+0x102/0x230 [ 1624.716909] ? idr_alloc+0x130/0x130 [ 1624.717268] ? rwlock_bug.part.0+0x90/0x90 [ 1624.717640] __kernfs_new_node+0x117/0x860 [ 1624.718004] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1624.718412] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1624.718858] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1624.719306] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1624.719764] kernfs_new_node+0x18d/0x250 [ 1624.720115] kernfs_create_dir_ns+0x49/0x160 [ 1624.720497] sysfs_create_dir_ns+0x127/0x290 [ 1624.720881] ? sysfs_create_mount_point+0xb0/0xb0 [ 1624.721298] ? rwlock_bug.part.0+0x90/0x90 [ 1624.721664] ? do_raw_spin_unlock+0x4f/0x220 [ 1624.722039] kobject_add_internal+0x25e/0xa30 [ 1624.722429] kobject_init_and_add+0x101/0x160 [ 1624.722814] ? kobject_create_and_add+0xb0/0xb0 [ 1624.723214] ? wait_for_completion_io+0x270/0x270 [ 1624.723627] ? kernfs_name_hash+0xe7/0x110 [ 1624.723991] ? kernfs_find_ns+0x256/0x380 [ 1624.724351] sysfs_slab_add+0x172/0x200 [ 1624.724693] __kmem_cache_create+0x3db/0x520 [ 1624.725084] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1624.725515] p9_client_create+0xc2b/0x11c0 [ 1624.725883] ? p9_client_flush+0x430/0x430 [ 1624.726245] ? trace_hardirqs_on+0x5b/0x180 [ 1624.726620] ? lockdep_init_map_type+0x2c7/0x780 [ 1624.727027] ? __raw_spin_lock_init+0x36/0x110 [ 1624.727422] v9fs_session_init+0x1dd/0x1680 [ 1624.727788] ? lock_release+0x680/0x680 [ 1624.728133] ? kmem_cache_alloc_trace+0x151/0x320 [ 1624.728550] ? v9fs_show_options+0x690/0x690 [ 1624.728939] ? trace_hardirqs_on+0x5b/0x180 [ 1624.729308] ? kasan_unpoison_shadow+0x33/0x50 [ 1624.729703] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1624.730139] v9fs_mount+0x79/0x8f0 [ 1624.730447] ? v9fs_write_inode+0x60/0x60 [ 1624.730801] legacy_get_tree+0x105/0x220 [ 1624.731148] vfs_get_tree+0x8e/0x300 [ 1624.731465] path_mount+0x1429/0x2120 [ 1624.731794] ? strncpy_from_user+0x9e/0x470 [ 1624.732161] ? finish_automount+0xa90/0xa90 [ 1624.732537] ? getname_flags.part.0+0x1dd/0x4f0 [ 1624.732947] ? _copy_from_user+0xfb/0x1b0 [ 1624.733305] __x64_sys_mount+0x282/0x300 [ 1624.733651] ? copy_mnt_ns+0xa00/0xa00 [ 1624.733985] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1624.734430] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1624.734869] do_syscall_64+0x33/0x40 [ 1624.735187] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1624.735621] RIP: 0033:0x7f78e3094b19 [ 1624.735940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1624.737490] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1624.738136] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1624.738740] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1624.739342] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1624.739948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1624.740549] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:13:21 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6b7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:21 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff}) stat(&(0x7f0000000000)='./file1\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) r3 = syz_io_uring_setup(0x4d4f, &(0x7f0000000900), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000140)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r3, 0x8000000) mmap$IORING_OFF_SQES(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x1000002, 0x10, r3, 0x10000000) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_9p2000}], [{@fowner_eq={'fowner', 0x3d, r2}}, {@obj_type={'obj_type', 0x3d, '%!'}}, {@subj_type={'subj_type', 0x3d, '\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'version=9p2000'}}]}}) mmap$IORING_OFF_SQ_RING(&(0x7f0000e65000/0x4000)=nil, 0x4000, 0x9, 0x4010, 0xffffffffffffffff, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x28, r4, 0x621, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x1d}]}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}}, 0x0) fcntl$dupfd(r0, 0x406, r5) 14:13:21 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa3b, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1624.870418] 9pnet: Insufficient options for proto=fd 14:13:21 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe1980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:35 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe2980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:35 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa3c, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:35 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6b8, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:35 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe9a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:35 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x31b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:35 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) openat(r0, &(0x7f0000000000)='./file1\x00', 0x100, 0x19) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="7472786e733d66646c7266646e6f3df71eceab72", @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',version=9p2000,\x00']) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r2, 0x5000943f, &(0x7f0000000940)={{r1}, 0x0, 0x1a, @unused=[0x0, 0xfff, 0x1, 0x20], @subvolid=0x6}) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x2010, r3, 0x0) pread64(r3, &(0x7f0000000200)=""/228, 0xe4, 0x8) 14:13:35 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 60) 14:13:35 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}}) [ 1639.070921] 9pnet: Insufficient options for proto=fd [ 1639.089129] FAULT_INJECTION: forcing a failure. [ 1639.089129] name failslab, interval 1, probability 0, space 0, times 0 [ 1639.090345] CPU: 0 PID: 58635 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1639.090983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1639.091740] Call Trace: [ 1639.091998] dump_stack+0x107/0x167 [ 1639.092342] should_fail.cold+0x5/0xa [ 1639.092704] ? create_object.isra.0+0x3a/0xa20 [ 1639.093150] should_failslab+0x5/0x20 [ 1639.093507] kmem_cache_alloc+0x5b/0x310 [ 1639.093890] ? mark_held_locks+0x9e/0xe0 [ 1639.094271] create_object.isra.0+0x3a/0xa20 [ 1639.094682] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1639.095157] kmem_cache_alloc+0x159/0x310 [ 1639.095553] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1639.096075] idr_get_free+0x4b5/0x8f0 [ 1639.096444] idr_alloc_u32+0x170/0x2d0 [ 1639.096812] ? __fprop_inc_percpu_max+0x130/0x130 [ 1639.097282] ? lock_acquire+0x197/0x470 [ 1639.097655] ? __kernfs_new_node+0xff/0x860 [ 1639.098067] idr_alloc_cyclic+0x102/0x230 [ 1639.098456] ? idr_alloc+0x130/0x130 [ 1639.098806] ? rwlock_bug.part.0+0x90/0x90 [ 1639.099210] __kernfs_new_node+0x117/0x860 [ 1639.099611] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1639.100059] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1639.100549] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1639.101053] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1639.101558] kernfs_new_node+0x18d/0x250 [ 1639.101940] kernfs_create_dir_ns+0x49/0x160 [ 1639.102351] sysfs_create_dir_ns+0x127/0x290 [ 1639.102761] ? sysfs_create_mount_point+0xb0/0xb0 [ 1639.103207] ? rwlock_bug.part.0+0x90/0x90 [ 1639.103603] ? do_raw_spin_unlock+0x4f/0x220 [ 1639.104007] kobject_add_internal+0x25e/0xa30 [ 1639.104431] kobject_init_and_add+0x101/0x160 [ 1639.104849] ? kobject_create_and_add+0xb0/0xb0 [ 1639.105300] ? wait_for_completion_io+0x270/0x270 [ 1639.105748] ? kernfs_name_hash+0xe7/0x110 [ 1639.106142] ? kernfs_find_ns+0x256/0x380 [ 1639.106538] sysfs_slab_add+0x172/0x200 [ 1639.106916] __kmem_cache_create+0x3db/0x520 [ 1639.107328] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1639.107798] p9_client_create+0xc2b/0x11c0 [ 1639.108196] ? p9_client_flush+0x430/0x430 [ 1639.108593] ? trace_hardirqs_on+0x5b/0x180 [ 1639.109007] ? lockdep_init_map_type+0x2c7/0x780 [ 1639.109465] ? __raw_spin_lock_init+0x36/0x110 [ 1639.109896] v9fs_session_init+0x1dd/0x1680 [ 1639.110294] ? lock_release+0x680/0x680 [ 1639.110674] ? kmem_cache_alloc_trace+0x151/0x320 [ 1639.111122] ? v9fs_show_options+0x690/0x690 [ 1639.111542] ? trace_hardirqs_on+0x5b/0x180 [ 1639.111947] ? kasan_unpoison_shadow+0x33/0x50 [ 1639.112375] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1639.112853] v9fs_mount+0x79/0x8f0 [ 1639.113205] ? v9fs_write_inode+0x60/0x60 [ 1639.113595] legacy_get_tree+0x105/0x220 [ 1639.113978] vfs_get_tree+0x8e/0x300 [ 1639.114328] path_mount+0x1429/0x2120 [ 1639.114690] ? strncpy_from_user+0x9e/0x470 [ 1639.115093] ? finish_automount+0xa90/0xa90 [ 1639.115496] ? getname_flags.part.0+0x1dd/0x4f0 [ 1639.115928] ? _copy_from_user+0xfb/0x1b0 [ 1639.116323] __x64_sys_mount+0x282/0x300 [ 1639.116703] ? copy_mnt_ns+0xa00/0xa00 [ 1639.117086] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1639.117573] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1639.118052] do_syscall_64+0x33/0x40 [ 1639.118401] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1639.118870] RIP: 0033:0x7f78e3094b19 [ 1639.119216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1639.120871] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1639.121589] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1639.122239] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1639.122885] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1639.123533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1639.124176] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:13:35 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pidfd_getfd(0xffffffffffffffff, r0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) 14:13:35 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa3d, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:35 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:35 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x32b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:35 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe3980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:35 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xeaa6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:35 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0x100, 0x8000) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) 14:13:35 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 61) 14:13:35 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa3e, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:35 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6ba, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1639.455326] FAULT_INJECTION: forcing a failure. [ 1639.455326] name failslab, interval 1, probability 0, space 0, times 0 [ 1639.457598] CPU: 1 PID: 59786 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1639.458236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1639.458998] Call Trace: [ 1639.459252] dump_stack+0x107/0x167 [ 1639.459591] should_fail.cold+0x5/0xa [ 1639.459962] ? create_object.isra.0+0x3a/0xa20 [ 1639.460382] should_failslab+0x5/0x20 [ 1639.460730] kmem_cache_alloc+0x5b/0x310 [ 1639.461339] ? mark_held_locks+0x9e/0xe0 [ 1639.462335] create_object.isra.0+0x3a/0xa20 [ 1639.463415] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1639.464645] kmem_cache_alloc+0x159/0x310 [ 1639.465689] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1639.467055] idr_get_free+0x4b5/0x8f0 [ 1639.467995] idr_alloc_u32+0x170/0x2d0 [ 1639.468960] ? __fprop_inc_percpu_max+0x130/0x130 [ 1639.470146] ? lock_acquire+0x197/0x470 [ 1639.471121] ? __kernfs_new_node+0xff/0x860 [ 1639.472165] idr_alloc_cyclic+0x102/0x230 [ 1639.473103] ? idr_alloc+0x130/0x130 [ 1639.473448] ? rwlock_bug.part.0+0x90/0x90 [ 1639.473862] __kernfs_new_node+0x117/0x860 [ 1639.474254] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1639.474706] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1639.475188] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1639.475693] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1639.476195] kernfs_new_node+0x18d/0x250 [ 1639.476583] kernfs_create_dir_ns+0x49/0x160 [ 1639.477064] sysfs_create_dir_ns+0x127/0x290 [ 1639.478159] ? sysfs_create_mount_point+0xb0/0xb0 [ 1639.479343] ? rwlock_bug.part.0+0x90/0x90 [ 1639.480367] ? do_raw_spin_unlock+0x4f/0x220 [ 1639.481465] kobject_add_internal+0x25e/0xa30 [ 1639.482564] kobject_init_and_add+0x101/0x160 [ 1639.483605] ? kobject_create_and_add+0xb0/0xb0 [ 1639.484678] ? wait_for_completion_io+0x270/0x270 [ 1639.485345] ? kernfs_name_hash+0xe7/0x110 [ 1639.485737] ? kernfs_find_ns+0x256/0x380 [ 1639.486127] sysfs_slab_add+0x172/0x200 [ 1639.486518] __kmem_cache_create+0x3db/0x520 [ 1639.486931] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1639.487415] p9_client_create+0xc2b/0x11c0 [ 1639.487812] ? p9_client_flush+0x430/0x430 [ 1639.488205] ? trace_hardirqs_on+0x5b/0x180 [ 1639.488625] ? lockdep_init_map_type+0x2c7/0x780 [ 1639.489134] ? __raw_spin_lock_init+0x36/0x110 [ 1639.489595] v9fs_session_init+0x1dd/0x1680 [ 1639.489995] ? lock_release+0x680/0x680 [ 1639.490371] ? kmem_cache_alloc_trace+0x151/0x320 [ 1639.490838] ? v9fs_show_options+0x690/0x690 [ 1639.491262] ? trace_hardirqs_on+0x5b/0x180 [ 1639.491692] ? kasan_unpoison_shadow+0x33/0x50 [ 1639.492115] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1639.492587] v9fs_mount+0x79/0x8f0 [ 1639.492947] ? v9fs_write_inode+0x60/0x60 [ 1639.493396] legacy_get_tree+0x105/0x220 [ 1639.493806] vfs_get_tree+0x8e/0x300 [ 1639.494156] path_mount+0x1429/0x2120 [ 1639.494515] ? strncpy_from_user+0x9e/0x470 [ 1639.494939] ? finish_automount+0xa90/0xa90 [ 1639.495351] ? getname_flags.part.0+0x1dd/0x4f0 [ 1639.495783] ? _copy_from_user+0xfb/0x1b0 [ 1639.496207] __x64_sys_mount+0x282/0x300 [ 1639.496605] ? copy_mnt_ns+0xa00/0xa00 [ 1639.497017] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1639.497547] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1639.498067] do_syscall_64+0x33/0x40 [ 1639.498434] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1639.498927] RIP: 0033:0x7f78e3094b19 [ 1639.499313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1639.501136] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1639.501882] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1639.502556] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1639.503258] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1639.503948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 14:13:35 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe4980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1639.504634] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:13:50 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0xfffffec6) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:50 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa3f, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:50 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x33b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:50 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 62) 14:13:50 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xeba6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1654.135613] FAULT_INJECTION: forcing a failure. [ 1654.135613] name failslab, interval 1, probability 0, space 0, times 0 [ 1654.136879] CPU: 1 PID: 60171 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1654.137639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1654.138544] Call Trace: [ 1654.138842] dump_stack+0x107/0x167 [ 1654.139242] should_fail.cold+0x5/0xa [ 1654.139669] ? create_object.isra.0+0x3a/0xa20 [ 1654.140178] should_failslab+0x5/0x20 [ 1654.140595] kmem_cache_alloc+0x5b/0x310 [ 1654.141017] create_object.isra.0+0x3a/0xa20 [ 1654.141463] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1654.141984] kmem_cache_alloc+0x159/0x310 [ 1654.142415] __kernfs_new_node+0xd4/0x860 [ 1654.142842] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1654.143325] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1654.143862] ? kernfs_add_one+0x124/0x4d0 [ 1654.144288] ? kernfs_create_dir_ns+0x10b/0x160 [ 1654.144764] kernfs_new_node+0x18d/0x250 [ 1654.145193] __kernfs_create_file+0x51/0x350 [ 1654.145645] sysfs_add_file_mode_ns+0x221/0x560 [ 1654.146156] internal_create_group+0x324/0xb30 [ 1654.146662] ? sysfs_remove_group+0x170/0x170 [ 1654.147155] ? kernfs_name_hash+0xe7/0x110 [ 1654.147630] ? kernfs_find_ns+0x256/0x380 [ 1654.148098] sysfs_slab_add+0x188/0x200 [ 1654.148545] __kmem_cache_create+0x3db/0x520 [ 1654.149038] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1654.149584] p9_client_create+0xc2b/0x11c0 [ 1654.150064] ? p9_client_flush+0x430/0x430 [ 1654.150536] ? trace_hardirqs_on+0x5b/0x180 [ 1654.151017] ? lockdep_init_map_type+0x2c7/0x780 [ 1654.151549] ? __raw_spin_lock_init+0x36/0x110 14:13:50 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB='(wo=', @ANYRESHEX=r1, @ANYBLOB=',version=9p2000\x00\x00']) 14:13:50 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6bb, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:50 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe4ffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1654.152077] v9fs_session_init+0x1dd/0x1680 [ 1654.157238] ? lock_release+0x680/0x680 [ 1654.157623] ? kmem_cache_alloc_trace+0x151/0x320 [ 1654.158065] ? v9fs_show_options+0x690/0x690 [ 1654.158477] ? trace_hardirqs_on+0x5b/0x180 [ 1654.158887] ? kasan_unpoison_shadow+0x33/0x50 [ 1654.159313] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1654.159787] v9fs_mount+0x79/0x8f0 [ 1654.160121] ? v9fs_write_inode+0x60/0x60 [ 1654.160510] legacy_get_tree+0x105/0x220 [ 1654.160887] vfs_get_tree+0x8e/0x300 [ 1654.161295] path_mount+0x1429/0x2120 [ 1654.161657] ? strncpy_from_user+0x9e/0x470 [ 1654.162056] ? finish_automount+0xa90/0xa90 [ 1654.162456] ? getname_flags.part.0+0x1dd/0x4f0 [ 1654.162884] ? _copy_from_user+0xfb/0x1b0 [ 1654.163277] __x64_sys_mount+0x282/0x300 [ 1654.163653] ? copy_mnt_ns+0xa00/0xa00 [ 1654.164018] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1654.164499] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1654.164974] do_syscall_64+0x33/0x40 [ 1654.165343] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1654.165811] RIP: 0033:0x7f78e3094b19 [ 1654.166158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1654.167807] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1654.168506] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1654.169156] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1654.169831] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1654.170487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1654.171141] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1654.191346] 9pnet: Insufficient options for proto=fd 14:13:50 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x34b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:50 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$FIONCLEX(r1, 0x5450) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:50 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6bc, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:50 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xeca6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:50 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe5980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:50 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa40, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:13:50 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 63) [ 1654.573641] FAULT_INJECTION: forcing a failure. [ 1654.573641] name failslab, interval 1, probability 0, space 0, times 0 [ 1654.574750] CPU: 1 PID: 61415 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1654.575391] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1654.576126] Call Trace: [ 1654.576385] dump_stack+0x107/0x167 [ 1654.576727] should_fail.cold+0x5/0xa [ 1654.577089] ? radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1654.577636] should_failslab+0x5/0x20 [ 1654.578001] kmem_cache_alloc+0x5b/0x310 [ 1654.578395] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 1654.578915] idr_get_free+0x4b5/0x8f0 [ 1654.579289] idr_alloc_u32+0x170/0x2d0 [ 1654.579658] ? __fprop_inc_percpu_max+0x130/0x130 [ 1654.580117] ? lock_acquire+0x197/0x470 [ 1654.580498] ? __kernfs_new_node+0xff/0x860 [ 1654.580902] idr_alloc_cyclic+0x102/0x230 [ 1654.581298] ? idr_alloc+0x130/0x130 [ 1654.581645] ? rwlock_bug.part.0+0x90/0x90 [ 1654.582046] __kernfs_new_node+0x117/0x860 [ 1654.582444] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1654.582875] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1654.583359] ? kernfs_add_one+0x124/0x4d0 [ 1654.583742] ? kernfs_create_dir_ns+0x10b/0x160 [ 1654.584190] kernfs_new_node+0x18d/0x250 [ 1654.584577] __kernfs_create_file+0x51/0x350 [ 1654.584996] sysfs_add_file_mode_ns+0x221/0x560 [ 1654.585449] internal_create_group+0x324/0xb30 [ 1654.585875] ? sysfs_remove_group+0x170/0x170 [ 1654.586294] ? kernfs_name_hash+0xe7/0x110 [ 1654.586689] ? kernfs_find_ns+0x256/0x380 [ 1654.587075] sysfs_slab_add+0x188/0x200 [ 1654.587457] __kmem_cache_create+0x3db/0x520 [ 1654.587878] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1654.588394] p9_client_create+0xc2b/0x11c0 [ 1654.588883] ? p9_client_flush+0x430/0x430 [ 1654.589344] ? trace_hardirqs_on+0x5b/0x180 [ 1654.589813] ? lockdep_init_map_type+0x2c7/0x780 [ 1654.590315] ? __raw_spin_lock_init+0x36/0x110 [ 1654.590761] v9fs_session_init+0x1dd/0x1680 [ 1654.591178] ? lock_release+0x680/0x680 [ 1654.591615] ? kmem_cache_alloc_trace+0x151/0x320 [ 1654.592131] ? v9fs_show_options+0x690/0x690 [ 1654.592605] ? trace_hardirqs_on+0x5b/0x180 [ 1654.593059] ? kasan_unpoison_shadow+0x33/0x50 [ 1654.593560] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1654.594119] v9fs_mount+0x79/0x8f0 [ 1654.594507] ? v9fs_write_inode+0x60/0x60 [ 1654.594986] legacy_get_tree+0x105/0x220 [ 1654.595446] vfs_get_tree+0x8e/0x300 [ 1654.595884] path_mount+0x1429/0x2120 [ 1654.596319] ? strncpy_from_user+0x9e/0x470 [ 1654.596790] ? finish_automount+0xa90/0xa90 [ 1654.597280] ? getname_flags.part.0+0x1dd/0x4f0 [ 1654.597802] ? _copy_from_user+0xfb/0x1b0 [ 1654.598280] __x64_sys_mount+0x282/0x300 [ 1654.598717] ? copy_mnt_ns+0xa00/0xa00 [ 1654.599148] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1654.599724] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1654.600277] do_syscall_64+0x33/0x40 [ 1654.600677] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1654.601218] RIP: 0033:0x7f78e3094b19 [ 1654.601612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1654.605475] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1654.607350] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1654.608123] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1654.608926] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1654.609913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1654.611654] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:14:05 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x35b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:05 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 64) 14:14:05 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg$unix(r1, &(0x7f0000004800)=[{{&(0x7f0000000280), 0x6e, &(0x7f00000005c0)=[{&(0x7f0000000300)=""/90, 0x5a}, {&(0x7f0000000380)=""/68, 0x44}, {&(0x7f0000000080)=""/52, 0x34}, {&(0x7f0000000400)=""/160, 0xa0}, {&(0x7f00000004c0)=""/87, 0x57}, {&(0x7f0000000540)=""/115, 0x73}], 0x6}}, {{&(0x7f0000000640), 0x6e, &(0x7f0000001b80)=[{&(0x7f00000006c0)=""/222, 0xde}, {&(0x7f00000007c0)=""/132, 0x84}, {&(0x7f0000000940)=""/128, 0x80}, {&(0x7f00000009c0)=""/101, 0x65}, {&(0x7f0000000880)=""/55, 0x37}, {&(0x7f0000000a40)=""/121, 0x79}, {&(0x7f0000000ac0)=""/182, 0xb6}, {&(0x7f0000000b80)=""/4096, 0x1000}], 0x8, &(0x7f0000001c00)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd0}}, {{&(0x7f0000001d00)=@abs, 0x6e, &(0x7f0000001dc0)=[{&(0x7f0000001d80)=""/38, 0x26}], 0x1}}, {{&(0x7f0000001e00)=@abs, 0x6e, &(0x7f0000001ec0)=[{&(0x7f0000001e80)=""/25, 0x19}], 0x1, &(0x7f0000001f00)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x68}}, {{&(0x7f0000001f80), 0x6e, &(0x7f0000004400)=[{&(0x7f0000002000)=""/4096, 0x1000}, {&(0x7f0000003000)=""/80, 0x50}, {&(0x7f0000003080)=""/151, 0x97}, {&(0x7f0000003140)=""/234, 0xea}, {&(0x7f0000003240)=""/52, 0x34}, {&(0x7f0000003280)=""/131, 0x83}, {&(0x7f0000003340)=""/4096, 0x1000}, {&(0x7f0000004340)=""/190, 0xbe}], 0x8, &(0x7f00000049c0)=ANY=[@ANYBLOB="20000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000079c26458801d4b8add18b3474756e5c387b0df48fbcd9143c24b6c932edb289488d3fb114ae15d40b77f2711716eb942e9687ea3b46322d656704793bcb17fc3ba3d9f566fc32af32de2c3338c7c"], 0x60}}, {{&(0x7f0000004500)=@abs, 0x6e, &(0x7f00000047c0)=[{&(0x7f0000004580)=""/241, 0xf1}, {&(0x7f0000004680)=""/192, 0xc0}, {&(0x7f0000004740)=""/121, 0x79}], 0x3}}], 0x6, 0x40000020, &(0x7f0000004980)) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x2010, r3, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x1, 0x1f, 0x7, 0x4, 0x0, 0xdc90, 0x4000, 0xa, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8d57, 0x2, @perf_config_ext={0x2, 0x3}, 0x80, 0x8, 0x0, 0x9, 0x4, 0xffffff99, 0x7, 0x0, 0x3, 0x0, 0x3}, r2, 0x5, r3, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000004a80)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c76657273696f6ebd3970323030302c00c0f21f3c023ba9a77b35c3371d9863c165cef7aa540ca5d43dd44d95a9875f4eda154f91bf7a0d5c21ca6db7ab74cd35212532a9fbff164e6d71db6bb9ee918c09e8fdfdf273785a772eacfaa432824d5cbd83c7977e8f90034d9054d9299db7a88a28687f1b2d91d80c086fbf074b05738638c3a7ec943fc17ed80130c6"]) r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1) mkdirat(r4, &(0x7f0000000000)='./file1\x00', 0xcd) 14:14:05 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe6980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:05 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6bd, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:05 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xeda6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:05 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x6) pipe(&(0x7f00000001c0)) 14:14:05 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa41, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1668.811513] FAULT_INJECTION: forcing a failure. [ 1668.811513] name failslab, interval 1, probability 0, space 0, times 0 [ 1668.812733] CPU: 1 PID: 61525 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1668.813465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1668.814343] Call Trace: [ 1668.814625] dump_stack+0x107/0x167 [ 1668.815014] should_fail.cold+0x5/0xa [ 1668.815420] ? create_object.isra.0+0x3a/0xa20 [ 1668.815906] should_failslab+0x5/0x20 [ 1668.816312] kmem_cache_alloc+0x5b/0x310 [ 1668.816746] create_object.isra.0+0x3a/0xa20 [ 1668.817207] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1668.817727] kmem_cache_alloc+0x159/0x310 [ 1668.818129] __kernfs_new_node+0xd4/0x860 [ 1668.818496] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1668.818910] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1668.819326] ? wait_for_completion_io+0x270/0x270 [ 1668.819741] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1668.820193] kernfs_new_node+0x18d/0x250 [ 1668.820544] __kernfs_create_file+0x51/0x350 [ 1668.820920] sysfs_add_file_mode_ns+0x221/0x560 [ 1668.821328] internal_create_group+0x324/0xb30 [ 1668.821733] ? sysfs_remove_group+0x170/0x170 [ 1668.822114] ? kernfs_name_hash+0xe7/0x110 [ 1668.822483] ? kernfs_find_ns+0x256/0x380 [ 1668.822845] sysfs_slab_add+0x188/0x200 [ 1668.823188] __kmem_cache_create+0x3db/0x520 [ 1668.823569] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1668.824000] p9_client_create+0xc2b/0x11c0 [ 1668.824372] ? p9_client_flush+0x430/0x430 [ 1668.824737] ? trace_hardirqs_on+0x5b/0x180 [ 1668.825109] ? lockdep_init_map_type+0x2c7/0x780 [ 1668.825528] ? __raw_spin_lock_init+0x36/0x110 [ 1668.825926] v9fs_session_init+0x1dd/0x1680 [ 1668.826299] ? lock_release+0x680/0x680 [ 1668.826651] ? kmem_cache_alloc_trace+0x151/0x320 [ 1668.827060] ? v9fs_show_options+0x690/0x690 [ 1668.827443] ? trace_hardirqs_on+0x5b/0x180 [ 1668.827815] ? kasan_unpoison_shadow+0x33/0x50 [ 1668.828207] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1668.828646] v9fs_mount+0x79/0x8f0 [ 1668.828954] ? v9fs_write_inode+0x60/0x60 [ 1668.829312] legacy_get_tree+0x105/0x220 [ 1668.829738] vfs_get_tree+0x8e/0x300 [ 1668.830128] path_mount+0x1429/0x2120 [ 1668.830537] ? strncpy_from_user+0x9e/0x470 [ 1668.830992] ? finish_automount+0xa90/0xa90 [ 1668.831450] ? getname_flags.part.0+0x1dd/0x4f0 [ 1668.831947] ? _copy_from_user+0xfb/0x1b0 [ 1668.832388] __x64_sys_mount+0x282/0x300 [ 1668.832817] ? copy_mnt_ns+0xa00/0xa00 [ 1668.833230] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1668.833777] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1668.834300] do_syscall_64+0x33/0x40 [ 1668.834672] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1668.835161] RIP: 0033:0x7f78e3094b19 [ 1668.835540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1668.837435] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1668.838192] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1668.838888] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1668.839579] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1668.840283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1668.840979] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:14:05 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x36b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:05 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6be, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:05 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f0000000640)={0x81a54180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) stat(&(0x7f0000000080)='./file1\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(r2, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x20000, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_u}, {@dfltuid={'dfltuid', 0x3d, 0xee01}}, {@fscache}, {@cache_fscache}]}}) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x80010, r0, 0x10000000) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) recvmsg$unix(r1, &(0x7f0000000580)={&(0x7f0000000140), 0x6e, &(0x7f0000000000)=[{&(0x7f0000000280)=""/141, 0x8d}, {&(0x7f0000000340)=""/148, 0x94}, {&(0x7f0000000400)=""/158, 0x9e}], 0x3, &(0x7f00000004c0)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x88}, 0x10122) r6 = openat$rtc(0xffffffffffffff9c, &(0x7f00000005c0), 0x2001, 0x0) r7 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) io_uring_register$IORING_REGISTER_FILES(r5, 0x2, &(0x7f0000000600)=[r6, r7, r1, r0], 0x4) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f00000006c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x8001}}, './file1\x00'}) r9 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000002, 0x30, r4, 0x10000000) syz_io_uring_submit(0x0, r9, &(0x7f0000000780)=@IORING_OP_CONNECT={0x10, 0x4, 0x0, r4, 0x80, &(0x7f0000000700)=@vsock={0x28, 0x0, 0x18dfc6272c2a9930, @host}, 0x0, 0x0, 0x1, {0x0, r3}}, 0x6e) io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0) 14:14:05 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xedc0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:05 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa42, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:05 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe7980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:05 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 65) [ 1669.117826] FAULT_INJECTION: forcing a failure. [ 1669.117826] name failslab, interval 1, probability 0, space 0, times 0 [ 1669.118930] CPU: 1 PID: 62611 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1669.119557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1669.120261] Call Trace: [ 1669.120495] dump_stack+0x107/0x167 [ 1669.120817] should_fail.cold+0x5/0xa [ 1669.121153] ? __kernfs_new_node+0xd4/0x860 [ 1669.121545] should_failslab+0x5/0x20 [ 1669.121878] kmem_cache_alloc+0x5b/0x310 [ 1669.122241] __kernfs_new_node+0xd4/0x860 [ 1669.122605] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1669.123019] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1669.123434] ? wait_for_completion_io+0x270/0x270 [ 1669.123849] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1669.124301] kernfs_new_node+0x18d/0x250 [ 1669.124651] __kernfs_create_file+0x51/0x350 [ 1669.125029] sysfs_add_file_mode_ns+0x221/0x560 [ 1669.125442] internal_create_group+0x324/0xb30 [ 1669.125844] ? sysfs_remove_group+0x170/0x170 [ 1669.126235] ? kernfs_name_hash+0xe7/0x110 [ 1669.126606] ? kernfs_find_ns+0x256/0x380 [ 1669.126971] sysfs_slab_add+0x188/0x200 [ 1669.127322] __kmem_cache_create+0x3db/0x520 [ 1669.127705] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1669.128136] p9_client_create+0xc2b/0x11c0 [ 1669.128509] ? p9_client_flush+0x430/0x430 [ 1669.128882] ? trace_hardirqs_on+0x5b/0x180 [ 1669.129271] ? lockdep_init_map_type+0x2c7/0x780 [ 1669.130376] ? __raw_spin_lock_init+0x36/0x110 [ 1669.131377] v9fs_session_init+0x1dd/0x1680 [ 1669.132341] ? lock_release+0x680/0x680 [ 1669.133231] ? kmem_cache_alloc_trace+0x151/0x320 [ 1669.134307] ? v9fs_show_options+0x690/0x690 [ 1669.135265] ? trace_hardirqs_on+0x5b/0x180 [ 1669.136217] ? kasan_unpoison_shadow+0x33/0x50 [ 1669.137219] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1669.138338] v9fs_mount+0x79/0x8f0 [ 1669.139114] ? v9fs_write_inode+0x60/0x60 [ 1669.140024] legacy_get_tree+0x105/0x220 [ 1669.140902] vfs_get_tree+0x8e/0x300 [ 1669.141717] path_mount+0x1429/0x2120 [ 1669.142547] ? strncpy_from_user+0x9e/0x470 [ 1669.143487] ? finish_automount+0xa90/0xa90 [ 1669.144412] ? getname_flags.part.0+0x1dd/0x4f0 [ 1669.145463] ? _copy_from_user+0xfb/0x1b0 [ 1669.146360] __x64_sys_mount+0x282/0x300 [ 1669.147242] ? copy_mnt_ns+0xa00/0xa00 [ 1669.148082] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1669.149235] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1669.150353] do_syscall_64+0x33/0x40 [ 1669.151162] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1669.152264] RIP: 0033:0x7f78e3094b19 [ 1669.153071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1669.157073] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1669.158737] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1669.160280] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1669.161840] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1669.163381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1669.164925] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:14:05 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xeea6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:05 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x37b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1669.188473] kmem_cache_create(9p-fcall-cache) failed with error -12 [ 1669.189152] CPU: 0 PID: 62611 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1669.193879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1669.194663] Call Trace: [ 1669.194926] dump_stack+0x107/0x167 [ 1669.195280] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1669.195800] p9_client_create+0xc2b/0x11c0 [ 1669.196217] ? p9_client_flush+0x430/0x430 [ 1669.196627] ? trace_hardirqs_on+0x5b/0x180 [ 1669.197045] ? lockdep_init_map_type+0x2c7/0x780 [ 1669.197518] ? __raw_spin_lock_init+0x36/0x110 [ 1669.197987] v9fs_session_init+0x1dd/0x1680 [ 1669.198413] ? lock_release+0x680/0x680 [ 1669.198824] ? kmem_cache_alloc_trace+0x151/0x320 [ 1669.199300] ? v9fs_show_options+0x690/0x690 [ 1669.200305] ? trace_hardirqs_on+0x5b/0x180 14:14:05 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {0x26}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_open_dev$hiddev(&(0x7f0000000000), 0x1ff, 0x4002) pidfd_getfd(r0, r1, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_9p2000}]}}) setsockopt$bt_BT_SNDMTU(r2, 0x112, 0xc, &(0x7f0000000080)=0xfffb, 0x2) [ 1669.200758] ? kasan_unpoison_shadow+0x33/0x50 [ 1669.205875] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1669.206392] v9fs_mount+0x79/0x8f0 [ 1669.206755] ? v9fs_write_inode+0x60/0x60 [ 1669.207189] legacy_get_tree+0x105/0x220 [ 1669.207606] vfs_get_tree+0x8e/0x300 [ 1669.207981] path_mount+0x1429/0x2120 [ 1669.208379] ? strncpy_from_user+0x9e/0x470 [ 1669.208834] ? finish_automount+0xa90/0xa90 [ 1669.209269] ? getname_flags.part.0+0x1dd/0x4f0 [ 1669.209743] ? _copy_from_user+0xfb/0x1b0 [ 1669.210168] __x64_sys_mount+0x282/0x300 [ 1669.210584] ? copy_mnt_ns+0xa00/0xa00 [ 1669.210989] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1669.211530] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1669.212040] do_syscall_64+0x33/0x40 [ 1669.212429] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1669.213016] RIP: 0033:0x7f78e3094b19 [ 1669.213410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1669.215201] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1669.215977] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1669.216683] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1669.217318] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1669.217930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1669.218527] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:14:19 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000100000018084dd1", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file1/file0\x00']) r4 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) preadv(r4, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000200)={0x2, 0x80, 0x9, 0x43, 0x4, 0x3, 0x0, 0x81, 0x80000, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x4, @perf_bp={&(0x7f0000000000), 0x5}, 0x40000, 0xfffffffffffffe01, 0x1, 0x4, 0x80, 0x9, 0x81, 0x0, 0x2, 0x0, 0x1}, r3, 0x5, r4, 0x0) 14:14:19 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6bf, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:20 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 66) 14:14:20 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe8980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:20 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa43, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:20 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) syz_open_dev$vcsa(&(0x7f0000000000), 0x3, 0x145000) 14:14:20 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xefa6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:20 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x38b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1683.800697] FAULT_INJECTION: forcing a failure. [ 1683.800697] name failslab, interval 1, probability 0, space 0, times 0 [ 1683.802022] CPU: 1 PID: 63191 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1683.803248] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1683.804704] Call Trace: [ 1683.805164] dump_stack+0x107/0x167 [ 1683.806709] should_fail.cold+0x5/0xa [ 1683.807366] ? create_object.isra.0+0x3a/0xa20 [ 1683.808156] should_failslab+0x5/0x20 [ 1683.808816] kmem_cache_alloc+0x5b/0x310 [ 1683.809529] create_object.isra.0+0x3a/0xa20 [ 1683.809912] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1683.810351] kmem_cache_alloc+0x159/0x310 [ 1683.810719] __kernfs_new_node+0xd4/0x860 [ 1683.811077] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1683.811490] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1683.811905] ? wait_for_completion_io+0x270/0x270 [ 1683.812320] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1683.812772] kernfs_new_node+0x18d/0x250 [ 1683.813123] __kernfs_create_file+0x51/0x350 [ 1683.813513] sysfs_add_file_mode_ns+0x221/0x560 [ 1683.813929] internal_create_group+0x324/0xb30 [ 1683.814328] ? sysfs_remove_group+0x170/0x170 [ 1683.814712] ? kernfs_name_hash+0xe7/0x110 [ 1683.815075] ? kernfs_find_ns+0x256/0x380 [ 1683.815442] sysfs_slab_add+0x188/0x200 [ 1683.815787] __kmem_cache_create+0x3db/0x520 [ 1683.816165] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1683.816602] p9_client_create+0xc2b/0x11c0 [ 1683.816974] ? p9_client_flush+0x430/0x430 [ 1683.817340] ? trace_hardirqs_on+0x5b/0x180 [ 1683.817737] ? lockdep_init_map_type+0x2c7/0x780 [ 1683.818143] ? __raw_spin_lock_init+0x36/0x110 [ 1683.818539] v9fs_session_init+0x1dd/0x1680 [ 1683.818906] ? lock_release+0x680/0x680 [ 1683.819251] ? kmem_cache_alloc_trace+0x151/0x320 [ 1683.819661] ? v9fs_show_options+0x690/0x690 [ 1683.820046] ? trace_hardirqs_on+0x5b/0x180 [ 1683.820417] ? kasan_unpoison_shadow+0x33/0x50 [ 1683.820810] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1683.821247] v9fs_mount+0x79/0x8f0 [ 1683.821565] ? v9fs_write_inode+0x60/0x60 [ 1683.821941] legacy_get_tree+0x105/0x220 [ 1683.822291] vfs_get_tree+0x8e/0x300 [ 1683.822608] path_mount+0x1429/0x2120 [ 1683.822938] ? strncpy_from_user+0x9e/0x470 [ 1683.823305] ? finish_automount+0xa90/0xa90 [ 1683.823673] ? getname_flags.part.0+0x1dd/0x4f0 [ 1683.824073] ? _copy_from_user+0xfb/0x1b0 [ 1683.824434] __x64_sys_mount+0x282/0x300 [ 1683.824779] ? copy_mnt_ns+0xa00/0xa00 [ 1683.825117] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1683.825580] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1683.826022] do_syscall_64+0x33/0x40 [ 1683.826345] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1683.826779] RIP: 0033:0x7f78e3094b19 [ 1683.827096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1683.828652] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1683.829307] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1683.829926] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1683.830531] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1683.831136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1683.831739] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:14:20 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xe9980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:34 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x39b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:34 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x200, 0x80400) ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f0000000080)) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) 14:14:34 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xea980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:34 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x2010, r0, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x1, @mcast1}, 0x1c) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x2010, r3, 0x0) openat(r3, &(0x7f0000000000)='./file1\x00', 0x4000, 0xf3e6fc7cc5943759) 14:14:34 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 67) 14:14:34 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf0a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1698.167839] FAULT_INJECTION: forcing a failure. [ 1698.167839] name failslab, interval 1, probability 0, space 0, times 0 [ 1698.169566] CPU: 1 PID: 64027 Comm: syz-executor.3 Not tainted 5.10.223 #1 14:14:34 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa44, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:34 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6c0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1698.170160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1698.177788] Call Trace: [ 1698.178022] dump_stack+0x107/0x167 [ 1698.178336] should_fail.cold+0x5/0xa [ 1698.178665] ? __kernfs_new_node+0xd4/0x860 [ 1698.179037] should_failslab+0x5/0x20 [ 1698.179364] kmem_cache_alloc+0x5b/0x310 [ 1698.179713] __kernfs_new_node+0xd4/0x860 [ 1698.180067] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1698.180477] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1698.180887] ? wait_for_completion_io+0x270/0x270 [ 1698.181301] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1698.181764] kernfs_new_node+0x18d/0x250 [ 1698.182116] __kernfs_create_file+0x51/0x350 [ 1698.182496] sysfs_add_file_mode_ns+0x221/0x560 [ 1698.182901] internal_create_group+0x324/0xb30 [ 1698.183298] ? sysfs_remove_group+0x170/0x170 [ 1698.183680] ? kernfs_name_hash+0xe7/0x110 [ 1698.184042] ? kernfs_find_ns+0x256/0x380 [ 1698.184408] sysfs_slab_add+0x188/0x200 [ 1698.184756] __kmem_cache_create+0x3db/0x520 [ 1698.185132] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1698.185564] p9_client_create+0xc2b/0x11c0 [ 1698.185955] ? p9_client_flush+0x430/0x430 [ 1698.186324] ? trace_hardirqs_on+0x5b/0x180 [ 1698.186697] ? lockdep_init_map_type+0x2c7/0x780 [ 1698.187109] ? __raw_spin_lock_init+0x36/0x110 [ 1698.187505] v9fs_session_init+0x1dd/0x1680 [ 1698.187877] ? lock_release+0x680/0x680 [ 1698.188223] ? kmem_cache_alloc_trace+0x151/0x320 [ 1698.188630] ? v9fs_show_options+0x690/0x690 [ 1698.189010] ? trace_hardirqs_on+0x5b/0x180 [ 1698.189379] ? kasan_unpoison_shadow+0x33/0x50 [ 1698.189795] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1698.190233] v9fs_mount+0x79/0x8f0 [ 1698.190542] ? v9fs_write_inode+0x60/0x60 [ 1698.190899] legacy_get_tree+0x105/0x220 [ 1698.191246] vfs_get_tree+0x8e/0x300 [ 1698.191565] path_mount+0x1429/0x2120 [ 1698.191901] ? strncpy_from_user+0x9e/0x470 [ 1698.192268] ? finish_automount+0xa90/0xa90 [ 1698.192639] ? getname_flags.part.0+0x1dd/0x4f0 [ 1698.193037] ? _copy_from_user+0xfb/0x1b0 [ 1698.193397] __x64_sys_mount+0x282/0x300 [ 1698.193757] ? copy_mnt_ns+0xa00/0xa00 [ 1698.194094] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1698.194538] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1698.194978] do_syscall_64+0x33/0x40 [ 1698.195298] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1698.195735] RIP: 0033:0x7f78e3094b19 [ 1698.196059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1698.197617] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1698.198282] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1698.198891] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1698.199500] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1698.200108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1698.200713] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1698.206676] kmem_cache_create(9p-fcall-cache) failed with error -12 [ 1698.207261] CPU: 1 PID: 64027 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1698.207842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1698.208541] Call Trace: [ 1698.208767] dump_stack+0x107/0x167 [ 1698.209082] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1698.209534] p9_client_create+0xc2b/0x11c0 [ 1698.209910] ? p9_client_flush+0x430/0x430 [ 1698.210273] ? trace_hardirqs_on+0x5b/0x180 [ 1698.210646] ? lockdep_init_map_type+0x2c7/0x780 [ 1698.211057] ? __raw_spin_lock_init+0x36/0x110 [ 1698.211453] v9fs_session_init+0x1dd/0x1680 [ 1698.211824] ? lock_release+0x680/0x680 [ 1698.212168] ? kmem_cache_alloc_trace+0x151/0x320 [ 1698.212584] ? v9fs_show_options+0x690/0x690 [ 1698.212966] ? trace_hardirqs_on+0x5b/0x180 [ 1698.213337] ? kasan_unpoison_shadow+0x33/0x50 [ 1698.213740] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1698.214181] v9fs_mount+0x79/0x8f0 [ 1698.214491] ? v9fs_write_inode+0x60/0x60 [ 1698.214849] legacy_get_tree+0x105/0x220 [ 1698.215198] vfs_get_tree+0x8e/0x300 [ 1698.215517] path_mount+0x1429/0x2120 [ 1698.215852] ? strncpy_from_user+0x9e/0x470 [ 1698.216222] ? finish_automount+0xa90/0xa90 [ 1698.216593] ? getname_flags.part.0+0x1dd/0x4f0 [ 1698.216992] ? _copy_from_user+0xfb/0x1b0 [ 1698.217354] __x64_sys_mount+0x282/0x300 [ 1698.217706] ? copy_mnt_ns+0xa00/0xa00 [ 1698.218052] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1698.218499] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1698.218938] do_syscall_64+0x33/0x40 [ 1698.219256] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1698.219693] RIP: 0033:0x7f78e3094b19 [ 1698.220015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1698.221572] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1698.222267] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1698.222869] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1698.223468] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1698.224071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1698.224677] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:14:34 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf0df, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:34 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xeb980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:34 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6c1, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:34 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa45, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:34 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3a01, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:34 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 68) 14:14:34 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r1 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB, @ANYRESHEX=r3, @ANYBLOB=',version=9p2000,debug=0x0000000000000400,\x00']) r4 = openat$cgroup_freezer_state(r0, &(0x7f0000000000), 0x2, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x2010, r5, 0x0) r6 = dup3(r2, r2, 0x80000) ftruncate(r5, 0x7) pidfd_getfd(r5, r6, 0x0) r7 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x2010, r7, 0x0) ioctl$BTRFS_IOC_SEND(r7, 0x40489426, &(0x7f00000002c0)={{r4}, 0x7, &(0x7f0000000280)=[0x7fff, 0xffffffffffffffc0, 0xffffffff, 0x8, 0x7e, 0x9, 0x9], 0x6, 0x4, [0x8, 0x1f, 0x0, 0x200]}) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, 0xffffffffffffffff, 0x8000000) mmap$IORING_OFF_SQES(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x1000002, 0x10, 0xffffffffffffffff, 0x10000000) sendfile(r2, 0xffffffffffffffff, &(0x7f0000000340)=0x7, 0x10000) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1f, 0x2, 0x3, 0x7, 0x0, 0x9, 0x10000, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000080), 0x9}, 0x400a4, 0x7fffffff, 0x7fffffff, 0x2, 0x2, 0xce, 0x0, 0x0, 0x5, 0x0, 0x3}, r1, 0x4, 0xffffffffffffffff, 0x9) [ 1698.444794] 9pnet: Insufficient options for proto=fd [ 1698.476171] FAULT_INJECTION: forcing a failure. [ 1698.476171] name failslab, interval 1, probability 0, space 0, times 0 [ 1698.477272] CPU: 0 PID: 64985 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1698.477883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1698.478595] Call Trace: [ 1698.478829] dump_stack+0x107/0x167 [ 1698.479146] should_fail.cold+0x5/0xa [ 1698.479479] ? create_object.isra.0+0x3a/0xa20 [ 1698.479876] should_failslab+0x5/0x20 [ 1698.480207] kmem_cache_alloc+0x5b/0x310 [ 1698.480557] create_object.isra.0+0x3a/0xa20 [ 1698.480930] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1698.481368] kmem_cache_alloc+0x159/0x310 [ 1698.481783] __kernfs_new_node+0xd4/0x860 [ 1698.482157] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1698.482567] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1698.482979] ? wait_for_completion_io+0x270/0x270 [ 1698.483393] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1698.483849] kernfs_new_node+0x18d/0x250 [ 1698.484197] __kernfs_create_file+0x51/0x350 [ 1698.484571] sysfs_add_file_mode_ns+0x221/0x560 [ 1698.484973] internal_create_group+0x324/0xb30 [ 1698.485365] ? sysfs_remove_group+0x170/0x170 [ 1698.485755] ? kernfs_name_hash+0xe7/0x110 [ 1698.486123] ? kernfs_find_ns+0x256/0x380 [ 1698.486480] sysfs_slab_add+0x188/0x200 [ 1698.486823] __kmem_cache_create+0x3db/0x520 [ 1698.487203] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1698.487634] p9_client_create+0xc2b/0x11c0 [ 1698.488001] ? p9_client_flush+0x430/0x430 [ 1698.488362] ? trace_hardirqs_on+0x5b/0x180 [ 1698.488729] ? lockdep_init_map_type+0x2c7/0x780 [ 1698.489135] ? __raw_spin_lock_init+0x36/0x110 [ 1698.489536] v9fs_session_init+0x1dd/0x1680 [ 1698.489939] ? lock_release+0x680/0x680 [ 1698.490284] ? kmem_cache_alloc_trace+0x151/0x320 [ 1698.490692] ? v9fs_show_options+0x690/0x690 [ 1698.491070] ? trace_hardirqs_on+0x5b/0x180 [ 1698.491445] ? kasan_unpoison_shadow+0x33/0x50 [ 1698.491830] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1698.492267] v9fs_mount+0x79/0x8f0 [ 1698.492572] ? v9fs_write_inode+0x60/0x60 [ 1698.492921] legacy_get_tree+0x105/0x220 [ 1698.493268] vfs_get_tree+0x8e/0x300 [ 1698.493585] path_mount+0x1429/0x2120 [ 1698.493979] ? strncpy_from_user+0x9e/0x470 [ 1698.494346] ? finish_automount+0xa90/0xa90 [ 1698.494718] ? getname_flags.part.0+0x1dd/0x4f0 [ 1698.495117] ? _copy_from_user+0xfb/0x1b0 [ 1698.495478] __x64_sys_mount+0x282/0x300 [ 1698.495827] ? copy_mnt_ns+0xa00/0xa00 [ 1698.496164] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1698.496618] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1698.497060] do_syscall_64+0x33/0x40 [ 1698.497378] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1698.497855] RIP: 0033:0x7f78e3094b19 [ 1698.498176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1698.499703] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1698.500343] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1698.500941] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 14:14:34 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf1a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1698.501539] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1698.502170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1698.502771] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:14:34 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) preadv(r0, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) openat(r0, &(0x7f0000000000)='./file1\x00', 0x500, 0x2) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB="2c7766646e033d", @ANYRESHEX=r2, @ANYBLOB="2e767d7273696f6e3d3970321b30302c00"]) 14:14:34 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3ab9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:48 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_dev$sg(&(0x7f0000000240), 0x5a6, 0x2040) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="7472616e733d66642c0066646e6f3d02b15186b25f010008ac956ba744f7164ac4404fbd61d2148bd80f0cb142dd80a79141767d400092eba94bede0a1140f3bf66d22278d653004e0c54e36e03ba420d22f6a0fc35aca093235f251496f93aa9c983bbbef05cc65b1116a713dd1a3c674f2e58ac2bd19b2d922f4a3ab1e3287445c156204b4b65e0511b48f3fb2d309dbe9b7f8738d64dd8d00954a9d88b63f2a6fe00fa7024fc3feb215c3ac63f29d1324c95ece12affb5ceb1dac25de777c92f5fe77e9096a9a253323d109a31a0125629d397c13be4165d6c15d1730987c66beaca3ab3f5b", @ANYRESHEX=r0, @ANYBLOB="2c776664033e3d", @ANYRESHEX=r1, @ANYBLOB=',version=9p2000,\x00']) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x181240) ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000080)={0x3, 0x8}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000200)={0x4, @tick=0x7d4b, 0x9, {0x6, 0x6}, 0xff, 0x2, 0x9}) 14:14:48 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xec980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:48 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x2010, r3, 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000240)={{{@in=@loopback, @in=@loopback}}, {{@in=@loopback}, 0x0, @in=@multicast2}}, &(0x7f0000000340)=0xe8) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x4002a, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}, {@fscache}, {@access_user}], [{@euid_gt}, {@dont_measure}, {@euid_lt={'euid<', 0xffffffffffffffff}}, {@measure}, {@fsuuid={'fsuuid', 0x3d, {[0x62, 0x61, 0x0, 0x31, 0x35, 0x31, 0x61, 0x31], 0x2d, [0x61, 0x62, 0x61, 0x36], 0x2d, [0x39, 0x37, 0x39, 0x30], 0x2d, [0x3e, 0x37, 0x35, 0x32], 0x2d, [0x64, 0x39, 0x62, 0x39, 0x65, 0x36, 0x32, 0x30]}}}, {@subj_type}]}}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) 14:14:48 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 69) 14:14:48 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6c2, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:48 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf2a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:48 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3bb9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:48 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa46, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1712.728213] 9pnet: Insufficient options for proto=fd [ 1712.773911] FAULT_INJECTION: forcing a failure. [ 1712.773911] name failslab, interval 1, probability 0, space 0, times 0 [ 1712.775255] CPU: 1 PID: 65854 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1712.775946] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1712.776791] Call Trace: [ 1712.777065] dump_stack+0x107/0x167 [ 1712.777451] should_fail.cold+0x5/0xa [ 1712.777869] ? __kernfs_new_node+0xd4/0x860 [ 1712.778330] should_failslab+0x5/0x20 [ 1712.778734] kmem_cache_alloc+0x5b/0x310 [ 1712.779158] __kernfs_new_node+0xd4/0x860 [ 1712.779602] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1712.780110] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1712.780573] ? wait_for_completion_io+0x270/0x270 [ 1712.781086] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1712.781640] kernfs_new_node+0x18d/0x250 [ 1712.786102] __kernfs_create_file+0x51/0x350 [ 1712.786567] sysfs_add_file_mode_ns+0x221/0x560 [ 1712.787077] internal_create_group+0x324/0xb30 [ 1712.787553] ? sysfs_remove_group+0x170/0x170 [ 1712.787983] ? kernfs_name_hash+0xe7/0x110 [ 1712.788427] ? kernfs_find_ns+0x256/0x380 [ 1712.788875] sysfs_slab_add+0x188/0x200 [ 1712.789303] __kmem_cache_create+0x3db/0x520 [ 1712.789773] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1712.790326] p9_client_create+0xc2b/0x11c0 [ 1712.790775] ? p9_client_flush+0x430/0x430 [ 1712.791228] ? trace_hardirqs_on+0x5b/0x180 [ 1712.791676] ? lockdep_init_map_type+0x2c7/0x780 [ 1712.792179] ? __raw_spin_lock_init+0x36/0x110 [ 1712.792660] v9fs_session_init+0x1dd/0x1680 [ 1712.793119] ? lock_release+0x680/0x680 [ 1712.793538] ? kmem_cache_alloc_trace+0x151/0x320 [ 1712.794060] ? v9fs_show_options+0x690/0x690 [ 1712.794529] ? trace_hardirqs_on+0x5b/0x180 [ 1712.794989] ? kasan_unpoison_shadow+0x33/0x50 [ 1712.795473] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1712.796015] v9fs_mount+0x79/0x8f0 [ 1712.796402] ? v9fs_write_inode+0x60/0x60 [ 1712.796842] legacy_get_tree+0x105/0x220 [ 1712.797252] vfs_get_tree+0x8e/0x300 [ 1712.797601] path_mount+0x1429/0x2120 [ 1712.797969] ? strncpy_from_user+0x9e/0x470 [ 1712.798373] ? finish_automount+0xa90/0xa90 [ 1712.798768] ? getname_flags.part.0+0x1dd/0x4f0 [ 1712.799202] ? _copy_from_user+0xfb/0x1b0 [ 1712.799604] __x64_sys_mount+0x282/0x300 [ 1712.800037] ? copy_mnt_ns+0xa00/0xa00 [ 1712.800441] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1712.800988] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1712.801487] do_syscall_64+0x33/0x40 [ 1712.801882] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1712.802408] RIP: 0033:0x7f78e3094b19 [ 1712.802795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1712.810144] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1712.810921] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1712.811621] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1712.812354] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1712.813088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1712.813823] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1712.829762] kmem_cache_create(9p-fcall-cache) failed with error -12 [ 1712.830464] CPU: 0 PID: 65854 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1712.838103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1712.842153] Call Trace: [ 1712.842430] dump_stack+0x107/0x167 [ 1712.842809] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1712.843378] p9_client_create+0xc2b/0x11c0 [ 1712.843832] ? p9_client_flush+0x430/0x430 [ 1712.844291] ? trace_hardirqs_on+0x5b/0x180 [ 1712.844766] ? lockdep_init_map_type+0x2c7/0x780 [ 1712.845280] ? __raw_spin_lock_init+0x36/0x110 [ 1712.845747] v9fs_session_init+0x1dd/0x1680 [ 1712.846222] ? lock_release+0x680/0x680 [ 1712.846641] ? kmem_cache_alloc_trace+0x151/0x320 [ 1712.847164] ? v9fs_show_options+0x690/0x690 [ 1712.847652] ? trace_hardirqs_on+0x5b/0x180 [ 1712.848116] ? kasan_unpoison_shadow+0x33/0x50 [ 1712.848613] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1712.849164] v9fs_mount+0x79/0x8f0 [ 1712.853969] ? v9fs_write_inode+0x60/0x60 [ 1712.854380] legacy_get_tree+0x105/0x220 [ 1712.854819] vfs_get_tree+0x8e/0x300 [ 1712.855200] path_mount+0x1429/0x2120 [ 1712.855604] ? strncpy_from_user+0x9e/0x470 [ 1712.856078] ? finish_automount+0xa90/0xa90 [ 1712.862147] ? getname_flags.part.0+0x1dd/0x4f0 [ 1712.862588] ? _copy_from_user+0xfb/0x1b0 [ 1712.862975] __x64_sys_mount+0x282/0x300 [ 1712.863348] ? copy_mnt_ns+0xa00/0xa00 [ 1712.863723] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1712.864201] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1712.864689] do_syscall_64+0x33/0x40 [ 1712.865032] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1712.865496] RIP: 0033:0x7f78e3094b19 [ 1712.865859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1712.867677] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1712.868461] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1712.869196] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1712.869921] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1712.870584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1712.871244] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:14:49 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3cb9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:49 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf3a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:49 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa47, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:49 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6c3, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:49 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {0x4}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:49 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xed980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:49 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="2c7766646e863d4fea1dcefe8a0bef93cef133d084d4bb7331120cc6408e72dd800fef029395fb3eef914c9d86d560761294de12b7d3f1cc57ed1b07b565ddf64a003b52302052fd25bbb7d1dbf59ecb7cacf48d075411e8adfd30916b49a63fa89298a4c9c81a608b5002376bbcf8385fb5b9e6c9cb5b92f19e72387774", @ANYRESHEX=r1, @ANYBLOB=',version=9p2000,\x00']) [ 1713.045723] 9pnet: Insufficient options for proto=fd 14:14:49 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3db9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:49 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 70) 14:14:49 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa48, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:49 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf4a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1713.158942] FAULT_INJECTION: forcing a failure. [ 1713.158942] name failslab, interval 1, probability 0, space 0, times 0 [ 1713.160127] CPU: 0 PID: 67131 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1713.160784] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1713.161565] Call Trace: [ 1713.161823] dump_stack+0x107/0x167 [ 1713.162187] should_fail.cold+0x5/0xa [ 1713.162551] ? __kernfs_new_node+0xd4/0x860 [ 1713.162959] should_failslab+0x5/0x20 [ 1713.163324] kmem_cache_alloc+0x5b/0x310 [ 1713.163709] __kernfs_new_node+0xd4/0x860 [ 1713.164109] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1713.164567] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1713.165032] ? wait_for_completion_io+0x270/0x270 [ 1713.165503] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1713.166018] kernfs_new_node+0x18d/0x250 [ 1713.166404] __kernfs_create_file+0x51/0x350 [ 1713.166835] sysfs_add_file_mode_ns+0x221/0x560 [ 1713.167288] internal_create_group+0x324/0xb30 [ 1713.167723] ? sysfs_remove_group+0x170/0x170 [ 1713.168147] ? kernfs_name_hash+0xe7/0x110 [ 1713.168555] ? kernfs_find_ns+0x256/0x380 [ 1713.168955] sysfs_slab_add+0x188/0x200 [ 1713.169338] __kmem_cache_create+0x3db/0x520 [ 1713.169760] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1713.170247] p9_client_create+0xc2b/0x11c0 [ 1713.170654] ? p9_client_flush+0x430/0x430 [ 1713.171058] ? trace_hardirqs_on+0x5b/0x180 [ 1713.171468] ? lockdep_init_map_type+0x2c7/0x780 [ 1713.171922] ? __raw_spin_lock_init+0x36/0x110 [ 1713.172361] v9fs_session_init+0x1dd/0x1680 [ 1713.172770] ? lock_release+0x680/0x680 [ 1713.173151] ? kmem_cache_alloc_trace+0x151/0x320 [ 1713.173610] ? v9fs_show_options+0x690/0x690 [ 1713.174041] ? trace_hardirqs_on+0x5b/0x180 [ 1713.174451] ? kasan_unpoison_shadow+0x33/0x50 [ 1713.174876] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1713.175362] v9fs_mount+0x79/0x8f0 [ 1713.175703] ? v9fs_write_inode+0x60/0x60 [ 1713.176099] legacy_get_tree+0x105/0x220 [ 1713.176483] vfs_get_tree+0x8e/0x300 [ 1713.176835] path_mount+0x1429/0x2120 [ 1713.177204] ? strncpy_from_user+0x9e/0x470 [ 1713.177615] ? finish_automount+0xa90/0xa90 [ 1713.178033] ? getname_flags.part.0+0x1dd/0x4f0 [ 1713.178469] ? _copy_from_user+0xfb/0x1b0 [ 1713.178869] __x64_sys_mount+0x282/0x300 [ 1713.179256] ? copy_mnt_ns+0xa00/0xa00 [ 1713.179629] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1713.180129] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1713.180616] do_syscall_64+0x33/0x40 [ 1713.180971] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1713.181449] RIP: 0033:0x7f78e3094b19 [ 1713.181804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1713.183532] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1713.184255] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1713.184925] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1713.185602] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1713.186286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1713.186950] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:14:49 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xee980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:49 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6c4, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:14:49 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3eb9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1713.277158] kmem_cache_create(9p-fcall-cache) failed with error -12 [ 1713.278554] CPU: 0 PID: 67131 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1713.279215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1713.279998] Call Trace: [ 1713.280256] dump_stack+0x107/0x167 [ 1713.280603] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1713.281110] p9_client_create+0xc2b/0x11c0 [ 1713.281518] ? p9_client_flush+0x430/0x430 [ 1713.281934] ? trace_hardirqs_on+0x5b/0x180 [ 1713.282350] ? lockdep_init_map_type+0x2c7/0x780 [ 1713.282804] ? __raw_spin_lock_init+0x36/0x110 [ 1713.283248] v9fs_session_init+0x1dd/0x1680 [ 1713.283652] ? lock_release+0x680/0x680 [ 1713.284040] ? kmem_cache_alloc_trace+0x151/0x320 [ 1713.284497] ? v9fs_show_options+0x690/0x690 [ 1713.284927] ? trace_hardirqs_on+0x5b/0x180 [ 1713.285345] ? kasan_unpoison_shadow+0x33/0x50 [ 1713.285777] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1713.286292] v9fs_mount+0x79/0x8f0 [ 1713.286643] ? v9fs_write_inode+0x60/0x60 [ 1713.287038] legacy_get_tree+0x105/0x220 [ 1713.287428] vfs_get_tree+0x8e/0x300 [ 1713.287782] path_mount+0x1429/0x2120 [ 1713.288147] ? strncpy_from_user+0x9e/0x470 [ 1713.288557] ? finish_automount+0xa90/0xa90 [ 1713.288971] ? getname_flags.part.0+0x1dd/0x4f0 [ 1713.289418] ? _copy_from_user+0xfb/0x1b0 [ 1713.289819] __x64_sys_mount+0x282/0x300 [ 1713.290216] ? copy_mnt_ns+0xa00/0xa00 [ 1713.290590] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1713.291088] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1713.291576] do_syscall_64+0x33/0x40 [ 1713.291930] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1713.292421] RIP: 0033:0x7f78e3094b19 [ 1713.292778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1713.294519] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1713.295237] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1713.295911] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1713.296584] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1713.297262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1713.297943] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:15:05 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xef980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:05 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f0000000480)={0x11040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) preadv2(r2, &(0x7f0000000000)=[{&(0x7f0000000200)=""/119, 0x77}, {&(0x7f0000000280)=""/195, 0xc3}, {&(0x7f0000000380)=""/93, 0x5d}, {&(0x7f0000000400)=""/98, 0x62}], 0x4, 0x7, 0x4, 0x2) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:05 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa49, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:05 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 71) 14:15:05 executing program 5: r0 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x200062, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB="0000000000000074fcbd5b1a39b3932875671c146e17b040d496550903900c403bd1cc9e19f3fa823da3c83cf36628c354a136e115a72e5b8cf174dc3718d4895951a5a29f67c038f4aec29a30b9c56c4c6e317e0a03001d8c954458d816c122ed98882283f2b13e5f0e8a464d175d3bd5df6fd3176510c9250d9d7f32aece7317b648433e1be73668b30046979b93831528865331cd6061896bd3b3475df80a", @ANYRESHEX=r2, @ANYBLOB=',ver,\x00']) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r4 = syz_open_dev$loop(&(0x7f0000000000), 0x2, 0x20c00) flistxattr(r4, &(0x7f0000000340)=""/211, 0xd3) r5 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) preadv(r3, &(0x7f0000000080)=[{&(0x7f0000000d40)=""/244, 0xf4}, {&(0x7f00000004c0)=""/161, 0xa1}, {&(0x7f0000000580)=""/155, 0x9b}, {&(0x7f0000000640)=""/179, 0xb3}], 0x4, 0x0, 0x0) r6 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x2010, r6, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) ioctl$AUTOFS_IOC_PROTOVER(0xffffffffffffffff, 0x80049363, &(0x7f0000000200)) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r5, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, r6}, './file1\x00'}) r7 = syz_io_uring_setup(0x4d4f, &(0x7f0000000900), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000140)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r7, 0x8000000) mmap$IORING_OFF_SQES(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x1000002, 0x10, r7, 0x10000000) dup2(r7, r0) preadv(r3, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0xffffff67}], 0x1, 0x5, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000440)=ANY=[@ANYBLOB="a008ed69fb7dba9aeb075eeb036907e61e557a9b3cdd2d2574e3ae2f91f2a091bd05e4afe33ff17fe664e0d509a82342c6e8e188441ddcc6dfa418e2279dac471445503f702bdecdc151f4c6e41fb68ec6ea6ea7610153093374", @ANYRES32=r3, @ANYBLOB="0e0000a1e224fcced6bc2e2f66696c651100000000000000"]) 14:15:05 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf5a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:05 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3f00, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:05 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6c5, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1729.710752] FAULT_INJECTION: forcing a failure. [ 1729.710752] name failslab, interval 1, probability 0, space 0, times 0 [ 1729.713805] CPU: 1 PID: 67790 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1729.715606] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1729.717747] Call Trace: [ 1729.718256] dump_stack+0x107/0x167 [ 1729.719024] should_fail.cold+0x5/0xa [ 1729.719813] ? __kernfs_new_node+0xd4/0x860 [ 1729.720691] should_failslab+0x5/0x20 [ 1729.721413] kmem_cache_alloc+0x5b/0x310 [ 1729.722301] __kernfs_new_node+0xd4/0x860 [ 1729.723199] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1729.724188] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1729.725191] ? wait_for_completion_io+0x270/0x270 [ 1729.726258] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1729.727364] kernfs_new_node+0x18d/0x250 [ 1729.728206] __kernfs_create_file+0x51/0x350 [ 1729.729113] sysfs_add_file_mode_ns+0x221/0x560 [ 1729.730112] internal_create_group+0x324/0xb30 [ 1729.730619] ? sysfs_remove_group+0x170/0x170 [ 1729.731037] ? kernfs_name_hash+0xe7/0x110 [ 1729.731450] sysfs_slab_add+0x188/0x200 [ 1729.731874] __kmem_cache_create+0x3db/0x520 [ 1729.732289] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1729.732810] p9_client_create+0xc2b/0x11c0 [ 1729.733216] ? p9_client_flush+0x430/0x430 [ 1729.733673] ? trace_hardirqs_on+0x5b/0x180 [ 1729.734090] ? lockdep_init_map_type+0x2c7/0x780 [ 1729.735368] ? __raw_spin_lock_init+0x36/0x110 [ 1729.736320] v9fs_session_init+0x1dd/0x1680 [ 1729.737184] ? lock_release+0x680/0x680 [ 1729.738040] ? kmem_cache_alloc_trace+0x151/0x320 [ 1729.739282] ? v9fs_show_options+0x690/0x690 [ 1729.740197] ? trace_hardirqs_on+0x5b/0x180 [ 1729.741095] ? kasan_unpoison_shadow+0x33/0x50 [ 1729.742084] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1729.743392] v9fs_mount+0x79/0x8f0 [ 1729.744195] ? v9fs_write_inode+0x60/0x60 [ 1729.745248] legacy_get_tree+0x105/0x220 [ 1729.746116] vfs_get_tree+0x8e/0x300 [ 1729.746845] path_mount+0x1429/0x2120 [ 1729.747596] ? strncpy_from_user+0x9e/0x470 [ 1729.748452] ? finish_automount+0xa90/0xa90 [ 1729.749293] ? getname_flags.part.0+0x1dd/0x4f0 [ 1729.750145] ? _copy_from_user+0xfb/0x1b0 [ 1729.750550] __x64_sys_mount+0x282/0x300 [ 1729.750928] ? copy_mnt_ns+0xa00/0xa00 [ 1729.751301] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1729.751793] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1729.752273] do_syscall_64+0x33/0x40 [ 1729.752625] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1729.753097] RIP: 0033:0x7f78e3094b19 [ 1729.753445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1729.755155] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1729.755858] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1729.756511] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1729.757162] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1729.757821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1729.759244] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1729.892817] kmem_cache_create(9p-fcall-cache) failed with error -12 [ 1729.894435] CPU: 1 PID: 67790 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1729.895628] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1729.897023] Call Trace: [ 1729.897475] dump_stack+0x107/0x167 [ 1729.898103] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1729.898990] p9_client_create+0xc2b/0x11c0 [ 1729.899695] ? p9_client_flush+0x430/0x430 [ 1729.900408] ? trace_hardirqs_on+0x5b/0x180 [ 1729.901120] ? lockdep_init_map_type+0x2c7/0x780 [ 1729.901799] ? __raw_spin_lock_init+0x36/0x110 [ 1729.902182] v9fs_session_init+0x1dd/0x1680 [ 1729.902547] ? lock_release+0x680/0x680 [ 1729.902925] ? kmem_cache_alloc_trace+0x151/0x320 [ 1729.903365] ? v9fs_show_options+0x690/0x690 [ 1729.903771] ? trace_hardirqs_on+0x5b/0x180 [ 1729.904150] ? kasan_unpoison_shadow+0x33/0x50 [ 1729.904556] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1729.904999] v9fs_mount+0x79/0x8f0 [ 1729.905329] ? v9fs_write_inode+0x60/0x60 [ 1729.905687] legacy_get_tree+0x105/0x220 [ 1729.906062] vfs_get_tree+0x8e/0x300 [ 1729.906432] path_mount+0x1429/0x2120 [ 1729.906747] ? strncpy_from_user+0x9e/0x470 [ 1729.907096] ? finish_automount+0xa90/0xa90 [ 1729.907455] ? getname_flags.part.0+0x1dd/0x4f0 [ 1729.907832] ? _copy_from_user+0xfb/0x1b0 [ 1729.908172] __x64_sys_mount+0x282/0x300 [ 1729.908503] ? copy_mnt_ns+0xa00/0xa00 [ 1729.908842] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1729.909322] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1729.909798] do_syscall_64+0x33/0x40 [ 1729.910294] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1729.911253] RIP: 0033:0x7f78e3094b19 [ 1729.911945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1729.914592] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1729.915265] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1729.915917] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1729.916559] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1729.917203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1729.917847] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 [ 1733.872490] kworker/dying (59) used greatest stack depth: 23608 bytes left 14:15:20 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x3fb9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:20 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf0980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:20 executing program 1: r0 = socket$nl_audit(0x10, 0x3, 0x9) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000), 0x10) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) 14:15:20 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 72) 14:15:20 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6c6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:20 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf6a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:20 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) r2 = accept$unix(r0, &(0x7f0000000200)=@abs, &(0x7f0000000000)=0x6e) r3 = syz_io_uring_setup(0x4d4f, &(0x7f0000000900), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000140)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r3, 0x8000000) mmap$IORING_OFF_SQES(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x1000002, 0x10, r3, 0x10000000) splice(r2, &(0x7f0000000080)=0xff, r3, &(0x7f0000000280)=0x8, 0x7fffffff, 0x9) 14:15:20 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa4a, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1744.010418] FAULT_INJECTION: forcing a failure. [ 1744.010418] name failslab, interval 1, probability 0, space 0, times 0 [ 1744.011428] CPU: 1 PID: 68505 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1744.012024] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1744.012742] Call Trace: [ 1744.012978] dump_stack+0x107/0x167 [ 1744.018292] should_fail.cold+0x5/0xa [ 1744.018627] ? create_object.isra.0+0x3a/0xa20 [ 1744.019017] should_failslab+0x5/0x20 [ 1744.019345] kmem_cache_alloc+0x5b/0x310 [ 1744.019696] create_object.isra.0+0x3a/0xa20 [ 1744.020071] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1744.020505] kmem_cache_alloc+0x159/0x310 [ 1744.020872] __kernfs_new_node+0xd4/0x860 [ 1744.021234] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1744.021644] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1744.022064] ? wait_for_completion_io+0x270/0x270 [ 1744.022495] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1744.022950] kernfs_new_node+0x18d/0x250 [ 1744.023305] __kernfs_create_file+0x51/0x350 [ 1744.023680] sysfs_add_file_mode_ns+0x221/0x560 [ 1744.024082] internal_create_group+0x324/0xb30 [ 1744.024471] ? sysfs_remove_group+0x170/0x170 [ 1744.024849] ? kernfs_name_hash+0xe7/0x110 [ 1744.025219] sysfs_slab_add+0x188/0x200 [ 1744.025563] __kmem_cache_create+0x3db/0x520 [ 1744.025946] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1744.026404] p9_client_create+0xc2b/0x11c0 [ 1744.026775] ? p9_client_flush+0x430/0x430 [ 1744.027143] ? trace_hardirqs_on+0x5b/0x180 [ 1744.027523] ? lockdep_init_map_type+0x2c7/0x780 [ 1744.027934] ? __raw_spin_lock_init+0x36/0x110 [ 1744.028335] v9fs_session_init+0x1dd/0x1680 [ 1744.028709] ? lock_release+0x680/0x680 [ 1744.029059] ? kmem_cache_alloc_trace+0x151/0x320 [ 1744.029479] ? v9fs_show_options+0x690/0x690 [ 1744.029866] ? trace_hardirqs_on+0x5b/0x180 [ 1744.030257] ? kasan_unpoison_shadow+0x33/0x50 [ 1744.030656] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1744.031098] v9fs_mount+0x79/0x8f0 [ 1744.031408] ? v9fs_write_inode+0x60/0x60 [ 1744.031768] legacy_get_tree+0x105/0x220 [ 1744.032118] vfs_get_tree+0x8e/0x300 [ 1744.032440] path_mount+0x1429/0x2120 [ 1744.032774] ? strncpy_from_user+0x9e/0x470 [ 1744.033141] ? finish_automount+0xa90/0xa90 [ 1744.033516] ? getname_flags.part.0+0x1dd/0x4f0 [ 1744.033917] ? _copy_from_user+0xfb/0x1b0 [ 1744.034288] __x64_sys_mount+0x282/0x300 [ 1744.034643] ? copy_mnt_ns+0xa00/0xa00 [ 1744.034977] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1744.035423] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1744.035867] do_syscall_64+0x33/0x40 [ 1744.036190] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1744.036631] RIP: 0033:0x7f78e3094b19 [ 1744.036952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1744.038528] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1744.039183] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1744.039793] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1744.040396] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1744.040997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1744.041604] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:15:20 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf7a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:20 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa4b, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:20 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:20 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf1980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:20 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6c7, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:20 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf8a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:20 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BTRFS_IOC_SPACE_INFO(r0, 0xc0109414, &(0x7f0000000940)={0x75c, 0x401, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) r3 = open_tree(r0, &(0x7f0000000000)='./file1\x00', 0x9900) openat(r3, &(0x7f0000000080)='./file1\x00', 0x900, 0x0) 14:15:20 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 73) 14:15:20 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x4084, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1744.397948] FAULT_INJECTION: forcing a failure. [ 1744.397948] name failslab, interval 1, probability 0, space 0, times 0 [ 1744.399049] CPU: 0 PID: 69579 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1744.399652] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1744.400372] Call Trace: [ 1744.400613] dump_stack+0x107/0x167 [ 1744.400938] should_fail.cold+0x5/0xa [ 1744.401282] ? __kernfs_new_node+0xd4/0x860 [ 1744.401668] should_failslab+0x5/0x20 [ 1744.402006] kmem_cache_alloc+0x5b/0x310 [ 1744.402393] __kernfs_new_node+0xd4/0x860 [ 1744.402767] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1744.403191] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1744.403617] ? wait_for_completion_io+0x270/0x270 [ 1744.404049] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1744.404516] kernfs_new_node+0x18d/0x250 [ 1744.404883] __kernfs_create_file+0x51/0x350 [ 1744.405275] sysfs_add_file_mode_ns+0x221/0x560 [ 1744.405693] internal_create_group+0x324/0xb30 [ 1744.406102] ? sysfs_remove_group+0x170/0x170 [ 1744.406535] ? kernfs_name_hash+0xe7/0x110 [ 1744.406915] ? kernfs_find_ns+0x256/0x380 [ 1744.407292] sysfs_slab_add+0x188/0x200 [ 1744.407647] __kmem_cache_create+0x3db/0x520 [ 1744.408043] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1744.408492] p9_client_create+0xc2b/0x11c0 [ 1744.408873] ? p9_client_flush+0x430/0x430 [ 1744.409251] ? trace_hardirqs_on+0x5b/0x180 [ 1744.409636] ? lockdep_init_map_type+0x2c7/0x780 [ 1744.410059] ? __raw_spin_lock_init+0x36/0x110 [ 1744.410492] v9fs_session_init+0x1dd/0x1680 [ 1744.410874] ? lock_release+0x680/0x680 [ 1744.411236] ? kmem_cache_alloc_trace+0x151/0x320 [ 1744.411658] ? v9fs_show_options+0x690/0x690 [ 1744.412054] ? trace_hardirqs_on+0x5b/0x180 [ 1744.412443] ? kasan_unpoison_shadow+0x33/0x50 [ 1744.412847] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1744.413299] v9fs_mount+0x79/0x8f0 [ 1744.413618] ? v9fs_write_inode+0x60/0x60 [ 1744.413988] legacy_get_tree+0x105/0x220 [ 1744.414368] vfs_get_tree+0x8e/0x300 [ 1744.414699] path_mount+0x1429/0x2120 [ 1744.415041] ? strncpy_from_user+0x9e/0x470 [ 1744.415425] ? finish_automount+0xa90/0xa90 [ 1744.415808] ? getname_flags.part.0+0x1dd/0x4f0 [ 1744.416222] ? _copy_from_user+0xfb/0x1b0 [ 1744.416595] __x64_sys_mount+0x282/0x300 [ 1744.416955] ? copy_mnt_ns+0xa00/0xa00 [ 1744.417305] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1744.417771] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1744.418233] do_syscall_64+0x33/0x40 [ 1744.418566] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1744.419012] RIP: 0033:0x7f78e3094b19 [ 1744.419349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1744.420922] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1744.421584] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 14:15:20 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x280002, 0x0) clone3(&(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x9a) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:20 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa4c, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1744.422216] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1744.422839] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1744.423462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1744.424082] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:15:20 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf2980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:20 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6ec, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:20 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf9a6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1744.497353] kmem_cache_create(9p-fcall-cache) failed with error -12 [ 1744.497973] CPU: 0 PID: 69579 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1744.498594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1744.499317] Call Trace: [ 1744.499563] dump_stack+0x107/0x167 [ 1744.499893] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1744.500360] p9_client_create+0xc2b/0x11c0 [ 1744.500741] ? p9_client_flush+0x430/0x430 [ 1744.501115] ? trace_hardirqs_on+0x5b/0x180 [ 1744.501505] ? lockdep_init_map_type+0x2c7/0x780 [ 1744.501926] ? __raw_spin_lock_init+0x36/0x110 [ 1744.502357] v9fs_session_init+0x1dd/0x1680 [ 1744.502743] ? lock_release+0x680/0x680 [ 1744.503105] ? kmem_cache_alloc_trace+0x151/0x320 [ 1744.503532] ? v9fs_show_options+0x690/0x690 [ 1744.503928] ? trace_hardirqs_on+0x5b/0x180 [ 1744.504323] ? kasan_unpoison_shadow+0x33/0x50 [ 1744.504727] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1744.505184] v9fs_mount+0x79/0x8f0 [ 1744.505505] ? v9fs_write_inode+0x60/0x60 [ 1744.505878] legacy_get_tree+0x105/0x220 [ 1744.506260] vfs_get_tree+0x8e/0x300 [ 1744.506597] path_mount+0x1429/0x2120 [ 1744.506940] ? strncpy_from_user+0x9e/0x470 [ 1744.507324] ? finish_automount+0xa90/0xa90 [ 1744.507706] ? getname_flags.part.0+0x1dd/0x4f0 [ 1744.508116] ? _copy_from_user+0xfb/0x1b0 [ 1744.508493] __x64_sys_mount+0x282/0x300 [ 1744.508860] ? copy_mnt_ns+0xa00/0xa00 [ 1744.509215] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1744.509675] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1744.510127] do_syscall_64+0x33/0x40 [ 1744.510481] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1744.510934] RIP: 0033:0x7f78e3094b19 [ 1744.511271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1744.512867] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1744.513543] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1744.514161] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1744.514806] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1744.515427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1744.516056] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:15:35 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) ftruncate(r1, 0x8001000000000) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)=ANY=[]) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000000)) r2 = syz_open_dev$vcsa(&(0x7f0000000080), 0x10001, 0xb0001) ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40286608, &(0x7f0000000140)={0x8, 0x5c30, 0x400, 0x3ff, 0x80000001, 0x1f}) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x2010, r3, 0x0) connect$bt_l2cap(r3, &(0x7f0000000180)={0x1f, 0x41, @none, 0x1ff, 0x1}, 0xe) 14:15:35 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 74) 14:15:35 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6ed, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:35 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf3980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:35 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x40b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:35 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa4d, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:35 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000000)={0x0, r2, 0x7, 0xffff, 0xa0d, 0x10001}) fstat(r0, &(0x7f0000000200)) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(r3, 0x0, 0x0) r4 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x2c0202, 0x0) ioctl$CDROMREADRAW(r4, 0x5314, &(0x7f0000000940)={0x1f, 0x7, 0xeb, 0x8, 0x3, 0x1f}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}], [{@audit}, {@smackfstransmute={'smackfstransmute', 0x3d, '],('}}, {@smackfstransmute={'smackfstransmute', 0x3d, '9p\x00'}}, {@dont_appraise}, {@euid_gt={'euid>', r3}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@fsuuid={'fsuuid', 0x3d, {[0x61, 0x7b71c57c0ff80993, 0x38, 0x0, 0xb7059bedf3618e82, 0x0, 0x63, 0x37], 0x2d, [0x36, 0x59, 0x66, 0x66], 0x2d, [0x32, 0x37, 0x36, 0x34], 0x2d, [0x62, 0x32, 0x31, 0x34], 0x2d, [0x34, 0x64, 0x34, 0x63, 0x39, 0x66, 0x62, 0x39]}}}, {@seclabel}]}}) 14:15:35 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xfaa6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1759.144948] FAULT_INJECTION: forcing a failure. [ 1759.144948] name failslab, interval 1, probability 0, space 0, times 0 [ 1759.146986] CPU: 1 PID: 70577 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1759.147585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1759.148353] Call Trace: [ 1759.148604] dump_stack+0x107/0x167 [ 1759.148923] should_fail.cold+0x5/0xa [ 1759.149257] ? create_object.isra.0+0x3a/0xa20 [ 1759.149656] should_failslab+0x5/0x20 [ 1759.149988] kmem_cache_alloc+0x5b/0x310 [ 1759.150341] create_object.isra.0+0x3a/0xa20 [ 1759.151143] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1759.152405] kmem_cache_alloc+0x159/0x310 [ 1759.153316] __kernfs_new_node+0xd4/0x860 [ 1759.154223] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1759.155279] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1759.156457] ? wait_for_completion_io+0x270/0x270 [ 1759.157504] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1759.158642] kernfs_new_node+0x18d/0x250 [ 1759.159661] __kernfs_create_file+0x51/0x350 [ 1759.160617] sysfs_add_file_mode_ns+0x221/0x560 [ 1759.161632] internal_create_group+0x324/0xb30 [ 1759.162506] ? sysfs_remove_group+0x170/0x170 [ 1759.162934] ? kernfs_name_hash+0xe7/0x110 [ 1759.163331] ? kernfs_find_ns+0x256/0x380 [ 1759.163708] sysfs_slab_add+0x188/0x200 [ 1759.164060] __kmem_cache_create+0x3db/0x520 [ 1759.164446] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1759.164880] p9_client_create+0xc2b/0x11c0 [ 1759.165250] ? p9_client_flush+0x430/0x430 [ 1759.165617] ? trace_hardirqs_on+0x5b/0x180 [ 1759.165992] ? lockdep_init_map_type+0x2c7/0x780 [ 1759.166459] ? __raw_spin_lock_init+0x36/0x110 [ 1759.166863] v9fs_session_init+0x1dd/0x1680 [ 1759.167237] ? lock_release+0x680/0x680 [ 1759.167590] ? kmem_cache_alloc_trace+0x151/0x320 [ 1759.168006] ? v9fs_show_options+0x690/0x690 [ 1759.168391] ? trace_hardirqs_on+0x5b/0x180 [ 1759.168808] ? kasan_unpoison_shadow+0x33/0x50 [ 1759.169240] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1759.169690] v9fs_mount+0x79/0x8f0 [ 1759.170002] ? v9fs_write_inode+0x60/0x60 [ 1759.170371] legacy_get_tree+0x105/0x220 [ 1759.170759] vfs_get_tree+0x8e/0x300 [ 1759.171084] path_mount+0x1429/0x2120 [ 1759.171419] ? strncpy_from_user+0x9e/0x470 [ 1759.171791] ? finish_automount+0xa90/0xa90 [ 1759.172166] ? getname_flags.part.0+0x1dd/0x4f0 [ 1759.172570] ? _copy_from_user+0xfb/0x1b0 [ 1759.172933] __x64_sys_mount+0x282/0x300 [ 1759.173280] ? copy_mnt_ns+0xa00/0xa00 [ 1759.173622] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1759.174074] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1759.174524] do_syscall_64+0x33/0x40 [ 1759.174850] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1759.175292] RIP: 0033:0x7f78e3094b19 [ 1759.175619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1759.177188] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1759.177844] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1759.179377] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1759.179986] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1759.180598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1759.181211] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:15:35 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf4980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:35 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6ee, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:35 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) preadv(r3, &(0x7f0000001400)=[{&(0x7f0000000d40)=""/244, 0x7ffff000}], 0x1, 0x0, 0x0) write$P9_RREADLINK(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="1000005f35010007002e2f66696c6531"], 0x10) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r1, @ANYBLOB='s.~ .n\x00']) ioctl$SG_GET_PACK_ID(r4, 0x227c, &(0x7f0000000200)) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f0000000080)=0x5) 14:15:35 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa4e, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:35 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x41b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:35 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xfba6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:49 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf5980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x42b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 5: r0 = syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000100)='./file1/file0\x00', 0xfffffffffffffffe, 0x2, &(0x7f0000000340)=[{&(0x7f0000000200)="0439e16c99f5ba44725270af4e00eea965df9ca73f0c881193b7e4284f06216a31d1a023074d6a9e942d59e2a2cd36b517431e41bef9d3b280aeaf6ed096c32483379623209adc897343a028740ccb49b0d478ad2f2b1a0c3b9124ea7365acc6b78a413198c0ab4c7cc411d84d24070deaf3b0481d6c4c3e7dd9203d4c6003ce5600d7e874f28ae220100c90aaa8b1d069d9c47961dd49f0e0647bc5e06fabce60c3abff329bd828e84f", 0xaa, 0xfffffffffffffff9}, {&(0x7f00000002c0)="1c33e9f22449e825eee186d87d07ac22ba1133624d354111193d5fcc76364f7afa52074394eaced6818c5d07b2317d28fd04b0ffacf7d3fcb0dcedd6f1f08150bccb3f5fdea6560030698c7c875375ecf8897cc07b344d03b92673416e4b0ea9a13052", 0x63, 0x1720}], 0x40, &(0x7f0000000380)={[{@unhide}, {@uid}, {@unhide}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}], [{@pcr={'pcr', 0x3d, 0x19}}, {@smackfstransmute={'smackfstransmute', 0x3d, '!\xfe\'^.&'}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@appraise}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}]}) openat(r0, &(0x7f0000000000)='./file1/../file0\x00', 0x42, 0x1a0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xfca6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6ef, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1773.822197] FAULT_INJECTION: forcing a failure. [ 1773.822197] name failslab, interval 1, probability 0, space 0, times 0 [ 1773.823453] CPU: 1 PID: 72001 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1773.824113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1773.824893] Call Trace: [ 1773.825157] dump_stack+0x107/0x167 [ 1773.825512] should_fail.cold+0x5/0xa [ 1773.825878] ? __kernfs_new_node+0xd4/0x860 [ 1773.826291] should_failslab+0x5/0x20 [ 1773.826730] kmem_cache_alloc+0x5b/0x310 [ 1773.827159] __kernfs_new_node+0xd4/0x860 [ 1773.827590] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1773.828049] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1773.828539] ? wait_for_completion_io+0x270/0x270 [ 1773.829011] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1773.829520] kernfs_new_node+0x18d/0x250 [ 1773.829919] __kernfs_create_file+0x51/0x350 [ 1773.830343] sysfs_add_file_mode_ns+0x221/0x560 [ 1773.830846] internal_create_group+0x324/0xb30 [ 1773.831316] ? sysfs_remove_group+0x170/0x170 [ 1773.831748] ? kernfs_name_hash+0xe7/0x110 [ 1773.832166] sysfs_slab_add+0x188/0x200 [ 1773.832548] __kmem_cache_create+0x3db/0x520 [ 1773.832971] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1773.833453] p9_client_create+0xc2b/0x11c0 [ 1773.833848] ? p9_client_flush+0x430/0x430 [ 1773.834219] ? trace_hardirqs_on+0x5b/0x180 [ 1773.834683] ? lockdep_init_map_type+0x2c7/0x780 [ 1773.835150] ? __raw_spin_lock_init+0x36/0x110 [ 1773.835550] v9fs_session_init+0x1dd/0x1680 [ 1773.835922] ? lock_release+0x680/0x680 [ 1773.836298] ? kmem_cache_alloc_trace+0x151/0x320 [ 1773.836752] ? v9fs_show_options+0x690/0x690 [ 1773.837180] ? trace_hardirqs_on+0x5b/0x180 [ 1773.837568] ? kasan_unpoison_shadow+0x33/0x50 [ 1773.837998] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 14:15:50 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 75) 14:15:50 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa4f, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1773.838452] v9fs_mount+0x79/0x8f0 [ 1773.839768] ? v9fs_write_inode+0x60/0x60 [ 1773.840196] legacy_get_tree+0x105/0x220 [ 1773.840590] vfs_get_tree+0x8e/0x300 [ 1773.840940] path_mount+0x1429/0x2120 [ 1773.841288] ? strncpy_from_user+0x9e/0x470 [ 1773.841666] ? finish_automount+0xa90/0xa90 [ 1773.842038] ? getname_flags.part.0+0x1dd/0x4f0 [ 1773.842437] ? _copy_from_user+0xfb/0x1b0 [ 1773.842811] __x64_sys_mount+0x282/0x300 [ 1773.843195] ? copy_mnt_ns+0xa00/0xa00 [ 1773.843575] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1773.844084] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1773.844584] do_syscall_64+0x33/0x40 [ 1773.844936] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1773.845385] RIP: 0033:0x7f78e3094b19 [ 1773.845706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1773.847280] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1773.847951] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1773.848640] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1773.849333] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1773.850008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1773.850691] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:15:50 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf5ffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x43b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1773.948861] kmem_cache_create(9p-fcall-cache) failed with error -12 [ 1773.950472] CPU: 1 PID: 72001 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1773.952074] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1773.953898] Call Trace: [ 1773.960230] dump_stack+0x107/0x167 [ 1773.961072] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1773.962232] p9_client_create+0xc2b/0x11c0 [ 1773.963245] ? p9_client_flush+0x430/0x430 [ 1773.964171] ? trace_hardirqs_on+0x5b/0x180 [ 1773.965114] ? lockdep_init_map_type+0x2c7/0x780 [ 1773.966321] ? __raw_spin_lock_init+0x36/0x110 [ 1773.966902] v9fs_session_init+0x1dd/0x1680 [ 1773.967309] ? lock_release+0x680/0x680 [ 1773.967668] ? kmem_cache_alloc_trace+0x151/0x320 [ 1773.968084] ? v9fs_show_options+0x690/0x690 [ 1773.968497] ? trace_hardirqs_on+0x5b/0x180 [ 1773.968866] ? kasan_unpoison_shadow+0x33/0x50 [ 1773.969277] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1773.969750] v9fs_mount+0x79/0x8f0 [ 1773.970069] ? v9fs_write_inode+0x60/0x60 [ 1773.970453] legacy_get_tree+0x105/0x220 [ 1773.970822] vfs_get_tree+0x8e/0x300 [ 1773.971142] path_mount+0x1429/0x2120 [ 1773.971472] ? strncpy_from_user+0x9e/0x470 [ 1773.971836] ? finish_automount+0xa90/0xa90 [ 1773.972205] ? getname_flags.part.0+0x1dd/0x4f0 [ 1773.972600] ? _copy_from_user+0xfb/0x1b0 [ 1773.972959] __x64_sys_mount+0x282/0x300 [ 1773.973306] ? copy_mnt_ns+0xa00/0xa00 [ 1773.973640] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1773.974084] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1773.974523] do_syscall_64+0x33/0x40 [ 1773.974982] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1773.975453] RIP: 0033:0x7f78e3094b19 [ 1773.975801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1773.977373] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1773.978018] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1773.978627] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1773.979230] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1773.979835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1773.980440] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:15:50 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) openat(r2, &(0x7f0000000000)='./file1\x00', 0x100, 0x4) 14:15:50 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xfda6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa50, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6f0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf6980000, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x44b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r0 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_open_procfs(r0, &(0x7f0000000000)='net/wireless\x00') pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa51, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xfea6, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 3: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) (fail_nth: 76) 14:15:50 executing program 2: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xb6f1, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xf6ffffff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1774.297322] FAULT_INJECTION: forcing a failure. [ 1774.297322] name failslab, interval 1, probability 0, space 0, times 0 [ 1774.298976] CPU: 0 PID: 73476 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1774.299577] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1774.300280] Call Trace: [ 1774.300515] dump_stack+0x107/0x167 [ 1774.300831] should_fail.cold+0x5/0xa [ 1774.301168] ? __kernfs_new_node+0xd4/0x860 [ 1774.301552] should_failslab+0x5/0x20 [ 1774.301882] kmem_cache_alloc+0x5b/0x310 [ 1774.302241] __kernfs_new_node+0xd4/0x860 [ 1774.302624] ? kernfs_dop_revalidate+0x3a0/0x3a0 [ 1774.303041] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1774.303460] ? wait_for_completion_io+0x270/0x270 [ 1774.303881] ? kernfs_next_descendant_post+0x1a7/0x2a0 [ 1774.304336] kernfs_new_node+0x18d/0x250 [ 1774.304691] __kernfs_create_file+0x51/0x350 [ 1774.305075] sysfs_add_file_mode_ns+0x221/0x560 [ 1774.305485] internal_create_group+0x324/0xb30 [ 1774.305885] ? sysfs_remove_group+0x170/0x170 [ 1774.306272] ? kernfs_name_hash+0xe7/0x110 [ 1774.306653] ? kernfs_find_ns+0x256/0x380 [ 1774.307013] sysfs_slab_add+0x188/0x200 [ 1774.307363] __kmem_cache_create+0x3db/0x520 [ 1774.307742] kmem_cache_create_usercopy+0x1db/0x2f0 [ 1774.308176] p9_client_create+0xc2b/0x11c0 [ 1774.308548] ? p9_client_flush+0x430/0x430 [ 1774.308919] ? trace_hardirqs_on+0x5b/0x180 [ 1774.309295] ? lockdep_init_map_type+0x2c7/0x780 [ 1774.309710] ? __raw_spin_lock_init+0x36/0x110 [ 1774.310107] v9fs_session_init+0x1dd/0x1680 [ 1774.310479] ? lock_release+0x680/0x680 [ 1774.310846] ? kmem_cache_alloc_trace+0x151/0x320 [ 1774.311259] ? v9fs_show_options+0x690/0x690 [ 1774.311640] ? trace_hardirqs_on+0x5b/0x180 [ 1774.312013] ? kasan_unpoison_shadow+0x33/0x50 [ 1774.312408] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1774.312851] v9fs_mount+0x79/0x8f0 [ 1774.313158] ? v9fs_write_inode+0x60/0x60 [ 1774.313522] legacy_get_tree+0x105/0x220 [ 1774.313876] vfs_get_tree+0x8e/0x300 [ 1774.314198] path_mount+0x1429/0x2120 [ 1774.314533] ? strncpy_from_user+0x9e/0x470 [ 1774.314946] ? finish_automount+0xa90/0xa90 [ 1774.315317] ? getname_flags.part.0+0x1dd/0x4f0 [ 1774.315716] ? _copy_from_user+0xfb/0x1b0 [ 1774.316077] __x64_sys_mount+0x282/0x300 [ 1774.316429] ? copy_mnt_ns+0xa00/0xa00 [ 1774.316765] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1774.317214] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1774.317658] do_syscall_64+0x33/0x40 [ 1774.317978] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1774.318414] RIP: 0033:0x7f78e3094b19 [ 1774.318759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1774.320310] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1774.320966] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1774.321567] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1774.322174] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1774.322802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1774.323412] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:15:50 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xfeff, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1774.356506] kmem_cache_create(9p-fcall-cache) failed with error -12 [ 1774.357122] CPU: 1 PID: 73476 Comm: syz-executor.3 Not tainted 5.10.223 #1 [ 1774.357718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 14:15:50 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x45b9, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) [ 1774.358428] Call Trace: [ 1774.358695] dump_stack+0x107/0x167 [ 1774.359017] kmem_cache_create_usercopy.cold+0x17/0x65 [ 1774.359504] p9_client_create+0xc2b/0x11c0 [ 1774.359875] ? p9_client_flush+0x430/0x430 [ 1774.360246] ? trace_hardirqs_on+0x5b/0x180 [ 1774.360624] ? lockdep_init_map_type+0x2c7/0x780 [ 1774.361035] ? __raw_spin_lock_init+0x36/0x110 [ 1774.361438] v9fs_session_init+0x1dd/0x1680 [ 1774.361811] ? lock_release+0x680/0x680 [ 1774.362164] ? kmem_cache_alloc_trace+0x151/0x320 [ 1774.374621] ? v9fs_show_options+0x690/0x690 [ 1774.375000] ? trace_hardirqs_on+0x5b/0x180 [ 1774.375373] ? kasan_unpoison_shadow+0x33/0x50 [ 1774.375765] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1774.376201] v9fs_mount+0x79/0x8f0 [ 1774.376514] ? v9fs_write_inode+0x60/0x60 [ 1774.376868] legacy_get_tree+0x105/0x220 [ 1774.377226] vfs_get_tree+0x8e/0x300 [ 1774.377548] path_mount+0x1429/0x2120 [ 1774.377882] ? strncpy_from_user+0x9e/0x470 [ 1774.378255] ? finish_automount+0xa90/0xa90 [ 1774.378639] ? getname_flags.part.0+0x1dd/0x4f0 [ 1774.379048] ? _copy_from_user+0xfb/0x1b0 [ 1774.379424] __x64_sys_mount+0x282/0x300 [ 1774.379769] ? copy_mnt_ns+0xa00/0xa00 [ 1774.380101] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1774.380552] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1774.381007] do_syscall_64+0x33/0x40 [ 1774.381331] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1774.381779] RIP: 0033:0x7f78e3094b19 [ 1774.382112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1774.383719] RSP: 002b:00007f78e060a188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1774.384367] RAX: ffffffffffffffda RBX: 00007f78e31a7f60 RCX: 00007f78e3094b19 [ 1774.384985] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 1774.385605] RBP: 00007f78e060a1d0 R08: 0000000020000140 R09: 0000000000000000 [ 1774.386234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1774.386885] R13: 00007ffc47ae953f R14: 00007f78e060a300 R15: 0000000000022000 14:15:50 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0xaa52, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) 14:15:50 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="6c77e16bc089bb82520400000000000000491fd73d30f54b3775052631c55b8b4e6b17cebfc48a0fa0a00d29432eefea80589367905f33d998e2934feaff169adeba62cc55d64e09483161248d364c067c46d15bfbfc48010d56d5f08fd1c20eb90fe124a0e8549f53e6da7f44e37fb3a6074d0495032a217a828e3128016a5a90e4438c1aa27a077de975ce889cc5ae183251727f5a12f5d33821bb89d82b08e9074b0f869858c4d8b0f70e85d320f34e72eb39484065b0ca3e502ed50bf3edec276b6864bcbbe374fec1b389d8b8c96b0a3856f827a3d938bb941f2a8b308e3d6615cbcdd1f7571b90ec9de91bf545b3d25c5b2ac99097e030e6ba3d831733842769ac7dca7d974709145d39e3ab0d9234a0", @ANYRESHEX=r1, @ANYBLOB=',version=9p2000,\x00']) [ 1774.457954] 9pnet: Insufficient options for proto=fd VM DIAGNOSIS: 14:20:59 Registers: info registers vcpu 0 RAX=ffffffff83e75230 RBX=0000000000000000 RCX=ffffffff83e5d02c RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e75838 RBP=fffffbfff09c6450 RSP=ffffffff84e07e38 R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001 R12=0000000000000000 R13=ffffffff85675808 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e7523e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f840f477010 CR3=000000001b2a6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=008002fe016c6c6f502e726567616e61 XMM02=20726f747563657865110a0100010101 XMM03=66206365786509007374726174736572 XMM04=696d696e696d20636578650d007a7a75 XMM05=0a006873616d7320636578650a00657a XMM06=636578650a0073746e69682063657865 XMM07=6e6567206365786508006c61746f7420 XMM08=650900737472617473657220726f7475 XMM09=6d20636578650d007a7a756620636578 XMM10=6d7320636578650a00657a696d696e69 XMM11=0073746e696820636578650a00687361 XMM12=65786508006c61746f7420636578650a XMM13=646e616320636578650e006e65672063 XMM14=6169727420636578650b006574616469 XMM15=0000736465657320636578650a006567 info registers vcpu 1 RAX=ffffffff83e75230 RBX=0000000000000001 RCX=ffffffff83e5d02c RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e75838 RBP=ffffed1001130000 RSP=ffff88800898fe70 R8 =0000000000000001 R9 =ffff88806cf3c12b R10=ffffed100d9e7825 R11=0000000000000001 R12=0000000000000001 R13=ffffffff85675808 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e7523e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe1500000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffe19f51928 CR3=000000001b2a6000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000004184cf8100000000 XMM03=0000ff00000000000000000000000000 XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962 XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000