0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:04:02 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:04:02 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:04:02 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:04:02 executing program 4:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:04:02 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-'}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:04:02 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 34)

20:04:02 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

[ 1469.450959] FAULT_INJECTION: forcing a failure.
[ 1469.450959] name failslab, interval 1, probability 0, space 0, times 0
[ 1469.452484] CPU: 1 PID: 8332 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1469.453350] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1469.454345] Call Trace:
[ 1469.454671]  dump_stack+0x107/0x167
[ 1469.455112]  should_fail.cold+0x5/0xa
[ 1469.455575]  ? create_object.isra.0+0x3a/0xa20
[ 1469.456133]  should_failslab+0x5/0x20
[ 1469.456595]  kmem_cache_alloc+0x5b/0x310
[ 1469.461120]  create_object.isra.0+0x3a/0xa20
[ 1469.461653]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
20:04:02 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1469.462270]  __kmalloc_track_caller+0x177/0x370
[ 1469.469023]  ? kstrdup_const+0x53/0x80
[ 1469.469499]  kstrdup+0x36/0x70
[ 1469.469889]  kstrdup_const+0x53/0x80
[ 1469.470342]  __kernfs_new_node+0x9d/0x860
[ 1469.470845]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1469.471481]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1469.472057]  ? lock_acquire+0x197/0x470
[ 1469.472536]  ? find_held_lock+0x2c/0x110
[ 1469.473091]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1469.473766]  kernfs_new_node+0x18d/0x250
[ 1469.474337]  kernfs_create_link+0xcb/0x230
[ 1469.474929]  sysfs_do_create_link_sd+0x90/0x140
[ 1469.475579]  sysfs_create_link+0x5f/0xc0
[ 1469.476153]  device_add+0x703/0x1c50
20:04:02 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1469.476665]  ? lockdep_init_map_type+0x2c7/0x780
[ 1469.477285]  ? devlink_add_symlinks+0x970/0x970
[ 1469.477856]  netdev_register_kobject+0x17a/0x3b0
[ 1469.478433]  register_netdevice+0xd6e/0x1480
[ 1469.478968]  ? netdev_change_features+0xb0/0xb0
[ 1469.479534]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1469.484848]  __tun_chr_ioctl+0x2156/0x3f60
[ 1469.485369]  ? lock_downgrade+0x6d0/0x6d0
[ 1469.485877]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1469.486468]  ? tun_chr_poll+0x700/0x700
[ 1469.486955]  ? wait_for_completion_io+0x270/0x270
[ 1469.487558]  ? selinux_file_ioctl+0xb6/0x270
[ 1469.488094]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1469.488646]  __x64_sys_ioctl+0x19a/0x210
[ 1469.489150]  do_syscall_64+0x33/0x40
[ 1469.489611]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1469.490233] RIP: 0033:0x7f7955930b19
[ 1469.490692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1469.492936] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1469.493872] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1469.494733] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1469.495594] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1469.496455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1469.497329] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:04:02 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:04:02 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:04:02 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:04:02 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 35)

[ 1469.663431] FAULT_INJECTION: forcing a failure.
[ 1469.663431] name failslab, interval 1, probability 0, space 0, times 0
[ 1469.664861] CPU: 0 PID: 8347 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1469.665686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1469.666689] Call Trace:
[ 1469.667018]  dump_stack+0x107/0x167
[ 1469.667464]  should_fail.cold+0x5/0xa
[ 1469.667932]  ? create_object.isra.0+0x3a/0xa20
[ 1469.668496]  should_failslab+0x5/0x20
[ 1469.668999]  kmem_cache_alloc+0x5b/0x310
[ 1469.669497]  create_object.isra.0+0x3a/0xa20
[ 1469.670034]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1469.670660]  __kmalloc_track_caller+0x177/0x370
[ 1469.671227]  ? kstrdup_const+0x53/0x80
[ 1469.671705]  kstrdup+0x36/0x70
[ 1469.672098]  kstrdup_const+0x53/0x80
[ 1469.672555]  __kernfs_new_node+0x9d/0x860
[ 1469.673083]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1469.673723]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1469.674306]  ? lock_acquire+0x197/0x470
[ 1469.674790]  ? find_held_lock+0x2c/0x110
[ 1469.675288]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1469.675877]  kernfs_new_node+0x18d/0x250
[ 1469.676374]  kernfs_create_link+0xcb/0x230
[ 1469.676900]  sysfs_do_create_link_sd+0x90/0x140
[ 1469.677472]  sysfs_create_link+0x5f/0xc0
[ 1469.677970]  device_add+0x703/0x1c50
[ 1469.678425]  ? lockdep_init_map_type+0x2c7/0x780
[ 1469.679001]  ? devlink_add_symlinks+0x970/0x970
[ 1469.679576]  netdev_register_kobject+0x17a/0x3b0
[ 1469.680157]  register_netdevice+0xd6e/0x1480
[ 1469.680697]  ? netdev_change_features+0xb0/0xb0
[ 1469.681277]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1469.681810]  __tun_chr_ioctl+0x2156/0x3f60
[ 1469.682327]  ? lock_downgrade+0x6d0/0x6d0
[ 1469.682834]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1469.683420]  ? tun_chr_poll+0x700/0x700
[ 1469.683906]  ? wait_for_completion_io+0x270/0x270
[ 1469.684500]  ? selinux_file_ioctl+0xb6/0x270
[ 1469.685053]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1469.685601]  __x64_sys_ioctl+0x19a/0x210
[ 1469.686119]  do_syscall_64+0x33/0x40
[ 1469.686591]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1469.687240] RIP: 0033:0x7f7955930b19
[ 1469.687714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1469.689993] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1469.690918] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1469.691783] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1469.692648] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1469.693527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1469.694392] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:04:16 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:04:16 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-'}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:04:16 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:04:16 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2000, 0x1, 0x0, 0x0)

20:04:16 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(0xffffffffffffffff, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:04:16 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:04:16 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

20:04:16 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 36)

[ 1483.542240] FAULT_INJECTION: forcing a failure.
[ 1483.542240] name failslab, interval 1, probability 0, space 0, times 0
[ 1483.550447] CPU: 1 PID: 8370 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1483.551273] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1483.552270] Call Trace:
[ 1483.552596]  dump_stack+0x107/0x167
[ 1483.553045]  should_fail.cold+0x5/0xa
[ 1483.553564]  ? __kernfs_new_node+0xd4/0x860
[ 1483.554164]  should_failslab+0x5/0x20
[ 1483.554698]  kmem_cache_alloc+0x5b/0x310
[ 1483.555288]  __kernfs_new_node+0xd4/0x860
[ 1483.555856]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1483.556575]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1483.557235]  ? lock_acquire+0x197/0x470
[ 1483.561717]  ? find_held_lock+0x2c/0x110
[ 1483.562212]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1483.562797]  kernfs_new_node+0x18d/0x250
[ 1483.563291]  kernfs_create_link+0xcb/0x230
[ 1483.563804]  sysfs_do_create_link_sd+0x90/0x140
[ 1483.564366]  sysfs_create_link+0x5f/0xc0
[ 1483.564860]  device_add+0x703/0x1c50
[ 1483.573347]  ? lockdep_init_map_type+0x2c7/0x780
[ 1483.573996]  ? devlink_add_symlinks+0x970/0x970
[ 1483.574640]  netdev_register_kobject+0x17a/0x3b0
[ 1483.575293]  register_netdevice+0xd6e/0x1480
[ 1483.575899]  ? netdev_change_features+0xb0/0xb0
[ 1483.576534]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1483.577132]  __tun_chr_ioctl+0x2156/0x3f60
[ 1483.578327]  ? lock_downgrade+0x6d0/0x6d0
[ 1483.578832]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1483.579413]  ? tun_chr_poll+0x700/0x700
[ 1483.579895]  ? wait_for_completion_io+0x270/0x270
[ 1483.580484]  ? selinux_file_ioctl+0xb6/0x270
[ 1483.581018]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1483.581660]  __x64_sys_ioctl+0x19a/0x210
[ 1483.582218]  do_syscall_64+0x33/0x40
[ 1483.582750]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1483.583484] RIP: 0033:0x7f7955930b19
[ 1483.583992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1483.586548] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1483.587595] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1483.588571] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1483.589993] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1483.592023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1483.593609] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:04:16 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:04:17 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:04:17 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(0xffffffffffffffff, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:04:17 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x4000, 0x1, 0x0, 0x0)

20:04:17 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:04:17 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:04:17 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

20:04:17 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(0xffffffffffffffff, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:04:17 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 37)

[ 1483.803459] FAULT_INJECTION: forcing a failure.
[ 1483.803459] name failslab, interval 1, probability 0, space 0, times 0
[ 1483.804985] CPU: 1 PID: 8394 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1483.805876] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1483.806877] Call Trace:
[ 1483.807207]  dump_stack+0x107/0x167
[ 1483.807652]  should_fail.cold+0x5/0xa
[ 1483.808118]  ? create_object.isra.0+0x3a/0xa20
[ 1483.808676]  should_failslab+0x5/0x20
[ 1483.809139]  kmem_cache_alloc+0x5b/0x310
[ 1483.813661]  create_object.isra.0+0x3a/0xa20
[ 1483.814194]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1483.814810]  kmem_cache_alloc+0x159/0x310
[ 1483.815319]  __kernfs_new_node+0xd4/0x860
[ 1483.815819]  ? kernfs_activate+0x2c/0x1d0
[ 1483.816324]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1483.816899]  ? lock_release+0x680/0x680
[ 1483.817409]  ? find_held_lock+0x2c/0x110
[ 1483.817905]  kernfs_new_node+0x18d/0x250
[ 1483.818404]  __kernfs_create_file+0x51/0x350
[ 1483.818938]  sysfs_add_file_mode_ns+0x221/0x560
[ 1483.819506]  internal_create_group+0x324/0xb30
[ 1483.820074]  ? sysfs_remove_group+0x170/0x170
[ 1483.820615]  ? kernfs_add_one+0x124/0x4d0
[ 1483.821119]  ? kernfs_create_link+0x1b7/0x230
[ 1483.821683]  internal_create_groups.part.0+0x90/0x140
[ 1483.822308]  sysfs_create_groups+0x25/0x50
[ 1483.822821]  device_add+0x7a9/0x1c50
[ 1483.823273]  ? lockdep_init_map_type+0x2c7/0x780
[ 1483.823845]  ? devlink_add_symlinks+0x970/0x970
[ 1483.824420]  netdev_register_kobject+0x17a/0x3b0
[ 1483.824996]  register_netdevice+0xd6e/0x1480
[ 1483.825567]  ? netdev_change_features+0xb0/0xb0
[ 1483.826133]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1483.826660]  __tun_chr_ioctl+0x2156/0x3f60
[ 1483.827173]  ? lock_downgrade+0x6d0/0x6d0
[ 1483.827676]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1483.828258]  ? tun_chr_poll+0x700/0x700
[ 1483.828740]  ? wait_for_completion_io+0x270/0x270
[ 1483.829350]  ? selinux_file_ioctl+0xb6/0x270
[ 1483.829887]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1483.830432]  __x64_sys_ioctl+0x19a/0x210
[ 1483.830925]  do_syscall_64+0x33/0x40
[ 1483.831377]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1483.831997] RIP: 0033:0x7f7955930b19
[ 1483.832449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1483.834681] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1483.835600] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1483.836461] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1483.837339] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1483.838201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1483.839061] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:04:30 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(0xffffffffffffffff, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:04:30 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-'}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:04:30 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:04:30 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:04:30 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, 0x0)

20:04:30 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x400000, 0x1, 0x0, 0x0)

20:04:30 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

20:04:30 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 38)

20:04:30 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:04:30 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:04:30 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:04:30 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, 0x0)

[ 1497.599955] FAULT_INJECTION: forcing a failure.
[ 1497.599955] name failslab, interval 1, probability 0, space 0, times 0
[ 1497.601501] CPU: 1 PID: 8416 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1497.602362] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1497.603358] Call Trace:
[ 1497.603686]  dump_stack+0x107/0x167
[ 1497.604128]  should_fail.cold+0x5/0xa
[ 1497.604593]  ? __kernfs_new_node+0xd4/0x860
[ 1497.605118]  should_failslab+0x5/0x20
[ 1497.605584]  kmem_cache_alloc+0x5b/0x310
[ 1497.606113]  __kernfs_new_node+0xd4/0x860
[ 1497.606617]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1497.607254]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1497.607832]  ? lock_acquire+0x197/0x470
[ 1497.608334]  ? find_held_lock+0x2c/0x110
[ 1497.608849]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1497.609435]  kernfs_new_node+0x18d/0x250
[ 1497.609961]  kernfs_create_link+0xcb/0x230
[ 1497.610481]  sysfs_do_create_link_sd+0x90/0x140
[ 1497.611043]  sysfs_create_link+0x5f/0xc0
[ 1497.611543]  device_add+0x703/0x1c50
[ 1497.611995]  ? lockdep_init_map_type+0x2c7/0x780
[ 1497.612567]  ? devlink_add_symlinks+0x970/0x970
[ 1497.613137]  netdev_register_kobject+0x17a/0x3b0
[ 1497.613713]  register_netdevice+0xd6e/0x1480
[ 1497.618131]  ? netdev_change_features+0xb0/0xb0
[ 1497.618699]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1497.619230]  __tun_chr_ioctl+0x2156/0x3f60
[ 1497.619744]  ? lock_downgrade+0x6d0/0x6d0
[ 1497.620248]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1497.620837]  ? tun_chr_poll+0x700/0x700
[ 1497.621320]  ? wait_for_completion_io+0x270/0x270
[ 1497.621932]  ? selinux_file_ioctl+0xb6/0x270
[ 1497.622469]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1497.623016]  __x64_sys_ioctl+0x19a/0x210
[ 1497.623510]  do_syscall_64+0x33/0x40
[ 1497.623981]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1497.624627] RIP: 0033:0x7f7955930b19
[ 1497.625079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1497.627322] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1497.628250] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1497.629113] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1497.629997] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1497.630857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1497.631718] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:04:31 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x800000, 0x1, 0x0, 0x0)

[ 1497.788537] FAULT_INJECTION: forcing a failure.
[ 1497.788537] name failslab, interval 1, probability 0, space 0, times 0
[ 1497.798201] CPU: 1 PID: 8434 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1497.799027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1497.800028] Call Trace:
[ 1497.800356]  dump_stack+0x107/0x167
[ 1497.800801]  should_fail.cold+0x5/0xa
[ 1497.801272]  ? create_object.isra.0+0x3a/0xa20
[ 1497.805853]  should_failslab+0x5/0x20
[ 1497.806317]  kmem_cache_alloc+0x5b/0x310
[ 1497.806814]  create_object.isra.0+0x3a/0xa20
[ 1497.807347]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1497.807963]  kmem_cache_alloc+0x159/0x310
[ 1497.808472]  __kernfs_new_node+0xd4/0x860
[ 1497.808980]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1497.809618]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1497.814222]  ? lock_acquire+0x197/0x470
[ 1497.814703]  ? find_held_lock+0x2c/0x110
[ 1497.815198]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1497.815785]  kernfs_new_node+0x18d/0x250
[ 1497.816279]  kernfs_create_link+0xcb/0x230
[ 1497.816793]  sysfs_do_create_link_sd+0x90/0x140
[ 1497.817357]  sysfs_create_link+0x5f/0xc0
[ 1497.817871]  device_add+0x703/0x1c50
[ 1497.818328]  ? lockdep_init_map_type+0x2c7/0x780
[ 1497.818900]  ? devlink_add_symlinks+0x970/0x970
[ 1497.819473]  netdev_register_kobject+0x17a/0x3b0
[ 1497.820081]  register_netdevice+0xd6e/0x1480
[ 1497.820616]  ? netdev_change_features+0xb0/0xb0
[ 1497.821182]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1497.821712]  __tun_chr_ioctl+0x2156/0x3f60
[ 1497.822241]  ? lock_downgrade+0x6d0/0x6d0
[ 1497.822746]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1497.823334]  ? tun_chr_poll+0x700/0x700
[ 1497.823816]  ? wait_for_completion_io+0x270/0x270
[ 1497.824409]  ? selinux_file_ioctl+0xb6/0x270
[ 1497.824946]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1497.825491]  __x64_sys_ioctl+0x19a/0x210
[ 1497.825999]  do_syscall_64+0x33/0x40
[ 1497.826450]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1497.827075] RIP: 0033:0x7f7955930b19
[ 1497.827527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
20:04:31 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x2, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x1)
mount$9p_virtio(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x2a04080, 0x0)

20:04:31 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:04:31 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 39)

[ 1497.829756] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1497.830685] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1497.831548] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1497.846153] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1497.847017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1497.847879] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1497.853993] 9pnet_virtio: no channels available for device syz
[ 1511.327541] FAULT_INJECTION: forcing a failure.
[ 1511.327541] name failslab, interval 1, probability 0, space 0, times 0
[ 1511.329151] CPU: 1 PID: 8457 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1511.330029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1511.332215] Call Trace:
[ 1511.333018]  dump_stack+0x107/0x167
[ 1511.334109]  should_fail.cold+0x5/0xa
[ 1511.335241]  ? __kernfs_new_node+0xd4/0x860
[ 1511.336478]  should_failslab+0x5/0x20
[ 1511.337564]  kmem_cache_alloc+0x5b/0x310
[ 1511.338753]  __kernfs_new_node+0xd4/0x860
[ 1511.339943]  ? kernfs_activate+0x2c/0x1d0
[ 1511.341118]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1511.342497]  ? kernfs_activate+0x2c/0x1d0
[ 1511.343689]  ? find_held_lock+0x2c/0x110
[ 1511.344845]  kernfs_new_node+0x18d/0x250
[ 1511.345987]  __kernfs_create_file+0x51/0x350
[ 1511.347273]  sysfs_add_file_mode_ns+0x221/0x560
[ 1511.348596]  internal_create_group+0x324/0xb30
[ 1511.349897]  ? sysfs_remove_group+0x170/0x170
[ 1511.351213]  ? kernfs_add_one+0x124/0x4d0
[ 1511.352385]  ? kernfs_create_link+0x1b7/0x230
[ 1511.353667]  internal_create_groups.part.0+0x90/0x140
[ 1511.355176]  sysfs_create_groups+0x25/0x50
[ 1511.356383]  device_add+0x7a9/0x1c50
[ 1511.357431]  ? lockdep_init_map_type+0x2c7/0x780
[ 1511.358809]  ? devlink_add_symlinks+0x970/0x970
[ 1511.360122]  netdev_register_kobject+0x17a/0x3b0
[ 1511.361459]  register_netdevice+0xd6e/0x1480
[ 1511.362736]  ? netdev_change_features+0xb0/0xb0
[ 1511.364049]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1511.365279]  __tun_chr_ioctl+0x2156/0x3f60
[ 1511.366522]  ? lock_downgrade+0x6d0/0x6d0
[ 1511.367696]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1511.369068]  ? tun_chr_poll+0x700/0x700
[ 1511.370184]  ? wait_for_completion_io+0x270/0x270
[ 1511.371599]  ? selinux_file_ioctl+0xb6/0x270
[ 1511.372761]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1511.373815]  __x64_sys_ioctl+0x19a/0x210
[ 1511.374547]  do_syscall_64+0x33/0x40
[ 1511.375000]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1511.375622] RIP: 0033:0x7f7955930b19
[ 1511.376074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1511.390337] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1511.391335] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1511.392199] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1511.393067] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1511.393935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1511.394824] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1511.405908] FAULT_INJECTION: forcing a failure.
[ 1511.405908] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1511.423506] CPU: 1 PID: 8455 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1511.424338] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1511.425340] Call Trace:
[ 1511.425663]  dump_stack+0x107/0x167
[ 1511.426105]  should_fail.cold+0x5/0xa
[ 1511.426587]  _copy_from_user+0x2e/0x1b0
[ 1511.427074]  __tun_chr_ioctl+0x5cb/0x3f60
[ 1511.427578]  ? lock_downgrade+0x6d0/0x6d0
[ 1511.428083]  ? tun_chr_poll+0x700/0x700
[ 1511.428567]  ? clockevents_program_event+0x131/0x360
[ 1511.429191]  ? selinux_file_ioctl+0xb6/0x270
[ 1511.429729]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1511.430287]  __x64_sys_ioctl+0x19a/0x210
[ 1511.430808]  do_syscall_64+0x33/0x40
[ 1511.431258]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1511.431878] RIP: 0033:0x7fc68ced6b19
[ 1511.432329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1511.434583] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1511.435504] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1511.436366] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1511.437229] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1511.438091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1511.438977] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:04:44 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, 0x0)

20:04:44 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000002)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r6, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r2, 0x0)

20:04:44 executing program 4:
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd_index}, 0x80000001)
pipe2(&(0x7f0000000380)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
dup2(r4, r3)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x2904, &(0x7f0000000140)={0x0, 0xf431, 0x4, 0x0, 0x26c, 0x0, r4}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040)=<r5=>0x0, &(0x7f00000001c0))
r6 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000280)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x6)

20:04:44 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 1)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:04:44 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:04:44 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 40)

20:04:44 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:04:44 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x1000000, 0x1, 0x0, 0x0)

20:04:44 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:04:44 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 41)

20:04:44 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 2)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:04:44 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:04:44 executing program 4:
unlinkat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x4, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(0x0, 0x248803, 0x0)
mkdirat(r1, &(0x7f0000000200)='./file0\x00', 0x86)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_tables_matches\x00')
pread64(r2, &(0x7f0000000240)=""/83, 0x53, 0x200000048)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x6, 0x7f, 0xe7, 0x7, 0x0, 0x401, 0x48000, 0x11, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x7, @perf_bp, 0x1340, 0x5, 0x3ff, 0x2, 0x1, 0x8, 0x0, 0x0, 0x2fff, 0x0, 0x4e77}, 0x0, 0x10, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x9, 0x7, 0x7, 0x1, 0x0, 0x7f, 0x80000, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x0, @perf_config_ext={0x7, 0x100}, 0x480, 0x7fffffff, 0xff5, 0x3, 0x6, 0x0, 0x4, 0x0, 0x9, 0x0, 0x7}, 0x0, 0xb, r0, 0x3)
getsockname(r2, &(0x7f0000000240)=@hci, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
perf_event_open(&(0x7f0000001d80)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff810013a0}, 0x0, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000000, 0x8010, r4, 0x8000000)
openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x200600, 0x0)
close(r2)
clone3(&(0x7f00000008c0)={0x3040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x0)

[ 1511.593886] FAULT_INJECTION: forcing a failure.
[ 1511.593886] name failslab, interval 1, probability 0, space 0, times 0
[ 1511.595340] CPU: 1 PID: 8473 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1511.596164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1511.597163] Call Trace:
[ 1511.597492]  dump_stack+0x107/0x167
[ 1511.597937]  should_fail.cold+0x5/0xa
[ 1511.598435]  ? create_object.isra.0+0x3a/0xa20
[ 1511.598992]  should_failslab+0x5/0x20
[ 1511.599455]  kmem_cache_alloc+0x5b/0x310
[ 1511.599952]  create_object.isra.0+0x3a/0xa20
[ 1511.600486]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1511.601109]  kmem_cache_alloc+0x159/0x310
[ 1511.601626]  __kernfs_new_node+0xd4/0x860
[ 1511.602131]  ? kernfs_activate+0x2c/0x1d0
[ 1511.602660]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1511.603240]  ? lock_release+0x680/0x680
[ 1511.603732]  ? find_held_lock+0x2c/0x110
[ 1511.604232]  kernfs_new_node+0x18d/0x250
[ 1511.604731]  __kernfs_create_file+0x51/0x350
[ 1511.605273]  sysfs_add_file_mode_ns+0x221/0x560
[ 1511.605845]  internal_create_group+0x324/0xb30
[ 1511.606435]  ? sysfs_remove_group+0x170/0x170
[ 1511.606981]  ? kernfs_add_one+0x124/0x4d0
[ 1511.607495]  ? kernfs_create_link+0x1b7/0x230
[ 1511.608044]  internal_create_groups.part.0+0x90/0x140
[ 1511.608674]  sysfs_create_groups+0x25/0x50
[ 1511.609190]  device_add+0x7a9/0x1c50
[ 1511.609648]  ? lockdep_init_map_type+0x2c7/0x780
[ 1511.610233]  ? devlink_add_symlinks+0x970/0x970
[ 1511.610824]  netdev_register_kobject+0x17a/0x3b0
[ 1511.611405]  register_netdevice+0xd6e/0x1480
[ 1511.611945]  ? netdev_change_features+0xb0/0xb0
[ 1511.612514]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1511.613048]  __tun_chr_ioctl+0x2156/0x3f60
[ 1511.613571]  ? lock_downgrade+0x6d0/0x6d0
[ 1511.614080]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1511.614689]  ? tun_chr_poll+0x700/0x700
[ 1511.615175]  ? wait_for_completion_io+0x270/0x270
[ 1511.615770]  ? selinux_file_ioctl+0xb6/0x270
[ 1511.616316]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1511.616865]  __x64_sys_ioctl+0x19a/0x210
[ 1511.617362]  do_syscall_64+0x33/0x40
[ 1511.617816]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1511.618463] RIP: 0033:0x7f7955930b19
[ 1511.618918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1511.621158] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1511.622085] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1511.622978] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1511.623846] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1511.624713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1511.625581] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:04:45 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

[ 1511.691729] FAULT_INJECTION: forcing a failure.
[ 1511.691729] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1511.693358] CPU: 0 PID: 8479 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1511.694189] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1511.695242] Call Trace:
[ 1511.695577]  dump_stack+0x107/0x167
[ 1511.696047]  should_fail.cold+0x5/0xa
[ 1511.696540]  __alloc_pages_nodemask+0x182/0x600
[ 1511.697133]  ? avc_has_perm_noaudit+0x1f7/0x3e0
20:04:45 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x20000000, 0x1, 0x0, 0x0)

[ 1511.697728]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1511.698502]  ? avc_has_extended_perms+0xf40/0xf40
[ 1511.699093]  ? cred_has_capability.isra.0+0x143/0x2b0
[ 1511.699718]  ? cred_has_capability.isra.0+0x152/0x2b0
[ 1511.700349]  kmalloc_large_node+0x55/0x1a0
[ 1511.706777]  __kmalloc_node+0x30d/0x420
[ 1511.707262]  ? avc_has_perm_noaudit+0x3e0/0x3e0
[ 1511.707831]  kvmalloc_node+0xc0/0x170
[ 1511.708302]  alloc_netdev_mqs+0x97/0xe80
[ 1511.708823]  ? tun_napi_poll+0x540/0x540
[ 1511.709341]  __tun_chr_ioctl+0x1b80/0x3f60
[ 1511.709863]  ? lock_downgrade+0x6d0/0x6d0
[ 1511.710383]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1511.710971]  ? tun_chr_poll+0x700/0x700
[ 1511.711458]  ? wait_for_completion_io+0x270/0x270
[ 1511.712049]  ? selinux_file_ioctl+0xb6/0x270
[ 1511.712589]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1511.713138]  __x64_sys_ioctl+0x19a/0x210
[ 1511.713654]  do_syscall_64+0x33/0x40
[ 1511.714107]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1511.714742] RIP: 0033:0x7fc68ced6b19
[ 1511.715216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1511.717451] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1511.718407] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1511.719271] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1511.720140] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1511.721002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1511.721865] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1525.072808] FAULT_INJECTION: forcing a failure.
[ 1525.072808] name failslab, interval 1, probability 0, space 0, times 0
[ 1525.074287] CPU: 1 PID: 8507 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1525.075131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1525.076141] Call Trace:
[ 1525.076467]  dump_stack+0x107/0x167
[ 1525.076931]  should_fail.cold+0x5/0xa
[ 1525.077416]  ? getname_flags.part.0+0x50/0x4f0
[ 1525.077998]  should_failslab+0x5/0x20
[ 1525.078462]  kmem_cache_alloc+0x5b/0x310
[ 1525.078975]  getname_flags.part.0+0x50/0x4f0
[ 1525.079510]  getname+0x8e/0xd0
[ 1525.079903]  do_sys_openat2+0xf9/0x4d0
[ 1525.080399]  ? build_open_flags+0x6f0/0x6f0
[ 1525.080948]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1525.081562]  ? wait_for_completion_io+0x270/0x270
[ 1525.082178]  __x64_sys_openat+0x13f/0x1f0
[ 1525.082710]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1525.083235]  ? ksys_write+0x1a9/0x260
[ 1525.083704]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1525.084340]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1525.084973]  do_syscall_64+0x33/0x40
[ 1525.085425]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1525.086047] RIP: 0033:0x7f05ed26ab19
[ 1525.086499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1525.088859] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1525.089839] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1525.090770] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1525.091693] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1525.092618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1525.093543] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
20:04:58 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:04:58 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 1)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:04:58 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000002)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r6, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r2, 0x0)

20:04:58 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 3)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:04:58 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
r0 = socket$inet(0xa, 0x3, 0xff)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
creat(&(0x7f0000000080)='./file0\x00', 0xa)
perf_event_open(&(0x7f0000000500)={0x6, 0x80, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x22}, 0x0, 0x0, r1, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
dup(r0)
r2 = perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x1f, 0x0, 0x1f, 0x0, 0x0, 0x5e, 0x2a000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x1, 0x0, 0x0, 0x1f, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, &(0x7f0000000180)=0xa4ffffff, 0x4)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, &(0x7f0000000100)={0x5, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @local}}}, 0x108)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000100)={0x0, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000000, 0x80010, 0xffffffffffffffff, 0x55b75000)
kexec_load(0x0, 0x1, &(0x7f00000000c0)=[{0x0, 0x0, 0x1000000, 0x8000000}], 0x0)
setresuid(0xffffffffffffffff, 0x0, 0x0)
gettid()

20:04:58 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x2, 0x0, 0x0)

20:04:58 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 42)

20:04:58 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:04:58 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 2)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1525.154562] FAULT_INJECTION: forcing a failure.
[ 1525.154562] name failslab, interval 1, probability 0, space 0, times 0
[ 1525.156046] CPU: 0 PID: 8502 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1525.156873] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1525.157875] Call Trace:
[ 1525.158203]  dump_stack+0x107/0x167
[ 1525.158648]  should_fail.cold+0x5/0xa
[ 1525.159133]  ? create_object.isra.0+0x3a/0xa20
[ 1525.159691]  should_failslab+0x5/0x20
[ 1525.160160]  kmem_cache_alloc+0x5b/0x310
[ 1525.160659]  create_object.isra.0+0x3a/0xa20
[ 1525.161199]  ? kasan_unpoison_shadow+0x33/0x50
[ 1525.161757]  kmalloc_large_node+0x124/0x1a0
[ 1525.162284]  __kmalloc_node+0x30d/0x420
[ 1525.162786]  ? avc_has_perm_noaudit+0x3e0/0x3e0
[ 1525.163355]  kvmalloc_node+0xc0/0x170
[ 1525.163822]  alloc_netdev_mqs+0x97/0xe80
[ 1525.164321]  ? tun_napi_poll+0x540/0x540
[ 1525.164820]  __tun_chr_ioctl+0x1b80/0x3f60
[ 1525.165344]  ? lock_downgrade+0x6d0/0x6d0
[ 1525.165849]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1525.166433]  ? tun_chr_poll+0x700/0x700
[ 1525.166934]  ? wait_for_completion_io+0x270/0x270
[ 1525.167531]  ? selinux_file_ioctl+0xb6/0x270
[ 1525.168068]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1525.168615]  __x64_sys_ioctl+0x19a/0x210
[ 1525.169109]  do_syscall_64+0x33/0x40
[ 1525.169561]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1525.170187] RIP: 0033:0x7fc68ced6b19
[ 1525.170640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1525.179666] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1525.180844] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1525.181890] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1525.187163] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1525.188225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1525.189252] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:04:58 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x3, 0x0, 0x0)

[ 1525.258738] FAULT_INJECTION: forcing a failure.
[ 1525.258738] name failslab, interval 1, probability 0, space 0, times 0
[ 1525.260327] CPU: 1 PID: 8523 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1525.261221] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1525.262289] Call Trace:
[ 1525.262648]  dump_stack+0x107/0x167
[ 1525.263150]  should_fail.cold+0x5/0xa
[ 1525.263646]  ? create_object.isra.0+0x3a/0xa20
[ 1525.264254]  should_failslab+0x5/0x20
[ 1525.264757]  kmem_cache_alloc+0x5b/0x310
[ 1525.265295]  create_object.isra.0+0x3a/0xa20
[ 1525.265873]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1525.266540]  kmem_cache_alloc+0x159/0x310
[ 1525.267112]  getname_flags.part.0+0x50/0x4f0
[ 1525.267695]  getname+0x8e/0xd0
[ 1525.268124]  do_sys_openat2+0xf9/0x4d0
[ 1525.268629]  ? build_open_flags+0x6f0/0x6f0
[ 1525.269195]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1525.269833]  ? wait_for_completion_io+0x270/0x270
[ 1525.270470]  __x64_sys_openat+0x13f/0x1f0
[ 1525.271028]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1525.271576]  ? ksys_write+0x1a9/0x260
[ 1525.272082]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1525.272771]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1525.273446]  do_syscall_64+0x33/0x40
[ 1525.273934]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1525.274604] RIP: 0033:0x7f05ed26ab19
[ 1525.275108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1525.277501] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1525.278484] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1525.279429] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1525.280369] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1525.281305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1525.282233] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
20:04:58 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:04:58 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x8, 0x0, 0x0)

20:04:58 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, 0x0, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

[ 1525.362302] FAULT_INJECTION: forcing a failure.
[ 1525.362302] name failslab, interval 1, probability 0, space 0, times 0
[ 1525.366219] CPU: 0 PID: 8513 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1525.368575] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1525.375415] Call Trace:
[ 1525.376310]  dump_stack+0x107/0x167
[ 1525.377657]  should_fail.cold+0x5/0xa
[ 1525.379055]  ? __kernfs_new_node+0xd4/0x860
20:04:58 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1525.380587]  should_failslab+0x5/0x20
[ 1525.387021]  kmem_cache_alloc+0x5b/0x310
[ 1525.387776]  __kernfs_new_node+0xd4/0x860
[ 1525.388542]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1525.389406]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1525.390330]  ? wait_for_completion_io+0x270/0x270
[ 1525.391245]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1525.392240]  kernfs_new_node+0x18d/0x250
[ 1525.393005]  __kernfs_create_file+0x51/0x350
[ 1525.393795]  sysfs_add_file_mode_ns+0x221/0x560
[ 1525.394666]  internal_create_group+0x324/0xb30
[ 1525.395529]  ? sysfs_remove_group+0x170/0x170
[ 1525.396357]  ? kernfs_add_one+0x124/0x4d0
[ 1525.397154]  ? kernfs_create_link+0x1b7/0x230
[ 1525.398003]  internal_create_groups.part.0+0x90/0x140
[ 1525.398946]  sysfs_create_groups+0x25/0x50
[ 1525.399747]  device_add+0x7a9/0x1c50
[ 1525.400422]  ? lockdep_init_map_type+0x2c7/0x780
[ 1525.401325]  ? devlink_add_symlinks+0x970/0x970
[ 1525.402207]  netdev_register_kobject+0x17a/0x3b0
[ 1525.403099]  register_netdevice+0xd6e/0x1480
[ 1525.403912]  ? netdev_change_features+0xb0/0xb0
[ 1525.404764]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1525.405354]  __tun_chr_ioctl+0x2156/0x3f60
[ 1525.405930]  ? lock_downgrade+0x6d0/0x6d0
[ 1525.406482]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1525.407144]  ? tun_chr_poll+0x700/0x700
[ 1525.407683]  ? wait_for_completion_io+0x270/0x270
[ 1525.408337]  ? selinux_file_ioctl+0xb6/0x270
[ 1525.408930]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1525.409535]  __x64_sys_ioctl+0x19a/0x210
[ 1525.410068]  do_syscall_64+0x33/0x40
[ 1525.410576]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1525.411251] RIP: 0033:0x7f7955930b19
[ 1525.411736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1525.414150] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1525.415312] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1525.416630] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1525.417925] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1525.419258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1525.420560] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:04:58 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, 0x0, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:04:58 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x417, 0x0, 0x0)

[ 1539.127978] FAULT_INJECTION: forcing a failure.
[ 1539.127978] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1539.131512] CPU: 0 PID: 8563 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1539.132397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1539.133470] Call Trace:
[ 1539.133821]  dump_stack+0x107/0x167
[ 1539.134297]  should_fail.cold+0x5/0xa
[ 1539.134794]  strncpy_from_user+0x34/0x470
[ 1539.143488]  getname_flags.part.0+0x95/0x4f0
[ 1539.144066]  getname+0x8e/0xd0
[ 1539.144492]  do_sys_openat2+0xf9/0x4d0
[ 1539.145003]  ? build_open_flags+0x6f0/0x6f0
[ 1539.145569]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1539.146206]  ? wait_for_completion_io+0x270/0x270
[ 1539.146850]  __x64_sys_openat+0x13f/0x1f0
[ 1539.147416]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1539.147975]  ? ksys_write+0x1a9/0x260
[ 1539.148483]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1539.149170]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1539.149473] FAULT_INJECTION: forcing a failure.
[ 1539.149473] name failslab, interval 1, probability 0, space 0, times 0
[ 1539.149812]  do_syscall_64+0x33/0x40
[ 1539.151591]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1539.152222] RIP: 0033:0x7f05ed26ab19
[ 1539.152677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
20:05:12 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 43)

20:05:12 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000002)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r6, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r2, 0x0)

20:05:12 executing program 4:
r0 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x3c0da7da}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x0, 0xe, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, 0x0, 0x5)

20:05:12 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, 0x0, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:05:12 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 4)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:05:12 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x500, 0x0, 0x0)

20:05:12 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 3)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:05:12 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1539.154913] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1539.155868] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1539.156743] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1539.157614] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1539.158488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1539.159370] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1539.160268] CPU: 1 PID: 8566 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1539.168074] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1539.169150] Call Trace:
[ 1539.169504]  dump_stack+0x107/0x167
[ 1539.169985]  should_fail.cold+0x5/0xa
[ 1539.170493]  ? create_object.isra.0+0x3a/0xa20
[ 1539.171095]  should_failslab+0x5/0x20
[ 1539.171614]  kmem_cache_alloc+0x5b/0x310
[ 1539.172152]  create_object.isra.0+0x3a/0xa20
[ 1539.172735]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1539.173407]  kmem_cache_alloc+0x159/0x310
[ 1539.173967]  __kernfs_new_node+0xd4/0x860
[ 1539.174514]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1539.175139]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1539.179812]  ? wait_for_completion_io+0x270/0x270
[ 1539.180455]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1539.181153]  kernfs_new_node+0x18d/0x250
[ 1539.181685]  __kernfs_create_file+0x51/0x350
[ 1539.182224]  sysfs_add_file_mode_ns+0x221/0x560
[ 1539.182847]  internal_create_group+0x324/0xb30
[ 1539.183462]  ? sysfs_remove_group+0x170/0x170
[ 1539.184042]  ? kernfs_add_one+0x124/0x4d0
[ 1539.184591]  ? kernfs_create_link+0x1b7/0x230
[ 1539.185183]  internal_create_groups.part.0+0x90/0x140
[ 1539.185860]  sysfs_create_groups+0x25/0x50
[ 1539.186416]  device_add+0x7a9/0x1c50
[ 1539.186905]  ? lockdep_init_map_type+0x2c7/0x780
[ 1539.187534]  ? devlink_add_symlinks+0x970/0x970
[ 1539.188153]  netdev_register_kobject+0x17a/0x3b0
[ 1539.188777]  register_netdevice+0xd6e/0x1480
[ 1539.189367]  ? netdev_change_features+0xb0/0xb0
[ 1539.189986]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1539.190571]  __tun_chr_ioctl+0x2156/0x3f60
[ 1539.191129]  ? lock_downgrade+0x6d0/0x6d0
[ 1539.191698]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1539.192337]  ? tun_chr_poll+0x700/0x700
[ 1539.192863]  ? wait_for_completion_io+0x270/0x270
[ 1539.193499]  ? selinux_file_ioctl+0xb6/0x270
[ 1539.194081]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1539.194675]  __x64_sys_ioctl+0x19a/0x210
[ 1539.195218]  do_syscall_64+0x33/0x40
[ 1539.195716]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1539.196381] RIP: 0033:0x7f7955930b19
[ 1539.196869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1539.199280] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1539.200284] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1539.201219] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1539.202160] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1539.203105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1539.204063] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:05:12 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1704, 0x0, 0x0)

20:05:12 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:05:12 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:05:12 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1539.286244] FAULT_INJECTION: forcing a failure.
[ 1539.286244] name failslab, interval 1, probability 0, space 0, times 0
[ 1539.289561] CPU: 0 PID: 8565 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1539.291427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1539.293679] Call Trace:
[ 1539.294396]  dump_stack+0x107/0x167
[ 1539.303320]  should_fail.cold+0x5/0xa
[ 1539.303788]  ? create_object.isra.0+0x3a/0xa20
[ 1539.304346]  should_failslab+0x5/0x20
[ 1539.304809]  kmem_cache_alloc+0x5b/0x310
[ 1539.305312]  create_object.isra.0+0x3a/0xa20
[ 1539.305851]  kmemleak_alloc_percpu+0xa0/0x100
[ 1539.306404]  pcpu_alloc+0x4e2/0x1240
[ 1539.306871]  alloc_netdev_mqs+0x104/0xe80
[ 1539.307394]  ? tun_napi_poll+0x540/0x540
[ 1539.307895]  __tun_chr_ioctl+0x1b80/0x3f60
[ 1539.308416]  ? lock_downgrade+0x6d0/0x6d0
[ 1539.308920]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1539.309510]  ? tun_chr_poll+0x700/0x700
[ 1539.309993]  ? wait_for_completion_io+0x270/0x270
[ 1539.310585]  ? selinux_file_ioctl+0xb6/0x270
[ 1539.311122]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1539.311689]  __x64_sys_ioctl+0x19a/0x210
[ 1539.312183]  do_syscall_64+0x33/0x40
[ 1539.312634]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1539.313255] RIP: 0033:0x7fc68ced6b19
[ 1539.313707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1539.315957] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1539.316878] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1539.317742] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1539.318604] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1539.319478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1539.320340] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:05:12 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x2000)

20:05:12 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:05:12 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:05:12 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 4)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:05:12 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 44)

[ 1539.468328] FAULT_INJECTION: forcing a failure.
[ 1539.468328] name failslab, interval 1, probability 0, space 0, times 0
[ 1539.469790] CPU: 1 PID: 8587 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1539.470621] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1539.471651] Call Trace:
[ 1539.471981]  dump_stack+0x107/0x167
[ 1539.472429]  should_fail.cold+0x5/0xa
[ 1539.472896]  ? __alloc_file+0x21/0x320
[ 1539.473370]  should_failslab+0x5/0x20
[ 1539.473832]  kmem_cache_alloc+0x5b/0x310
[ 1539.474329]  __alloc_file+0x21/0x320
[ 1539.474782]  alloc_empty_file+0x6d/0x170
[ 1539.475286]  path_openat+0xe6/0x2770
[ 1539.475761]  ? __lock_acquire+0x1657/0x5b00
[ 1539.476313]  ? path_lookupat+0x860/0x860
[ 1539.476833]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1539.477492]  ? lock_acquire+0x197/0x470
[ 1539.477651] FAULT_INJECTION: forcing a failure.
[ 1539.477651] name failslab, interval 1, probability 0, space 0, times 0
[ 1539.477993]  ? find_held_lock+0x2c/0x110
[ 1539.478015]  do_filp_open+0x190/0x3e0
[ 1539.480297]  ? may_open_dev+0xf0/0xf0
[ 1539.480762]  ? alloc_fd+0x2e7/0x670
[ 1539.481202]  ? lock_downgrade+0x6d0/0x6d0
[ 1539.481705]  ? do_raw_spin_lock+0x121/0x260
[ 1539.482228]  ? rwlock_bug.part.0+0x90/0x90
[ 1539.482744]  ? _raw_spin_unlock+0x1a/0x30
[ 1539.483263]  ? alloc_fd+0x2e7/0x670
[ 1539.483726]  do_sys_openat2+0x171/0x4d0
[ 1539.484211]  ? build_open_flags+0x6f0/0x6f0
[ 1539.484733]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1539.485318]  ? wait_for_completion_io+0x270/0x270
[ 1539.485905]  __x64_sys_openat+0x13f/0x1f0
[ 1539.486405]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1539.486914]  ? ksys_write+0x1a9/0x260
[ 1539.487411]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1539.488046]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1539.488675]  do_syscall_64+0x33/0x40
[ 1539.489125]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1539.489744] RIP: 0033:0x7f05ed26ab19
[ 1539.490196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1539.492436] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1539.493356] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1539.494222] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1539.495083] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1539.495962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1539.496822] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1539.497700] CPU: 0 PID: 8589 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1539.498541] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1539.499567] Call Trace:
[ 1539.499888]  dump_stack+0x107/0x167
[ 1539.500331]  should_fail.cold+0x5/0xa
[ 1539.500798]  ? __kernfs_new_node+0xd4/0x860
[ 1539.501322]  should_failslab+0x5/0x20
[ 1539.501789]  kmem_cache_alloc+0x5b/0x310
[ 1539.502293]  __kernfs_new_node+0xd4/0x860
[ 1539.502803]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1539.503399]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1539.503985]  ? wait_for_completion_io+0x270/0x270
[ 1539.507636]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1539.508274]  kernfs_new_node+0x18d/0x250
[ 1539.508768]  __kernfs_create_file+0x51/0x350
[ 1539.509300]  sysfs_add_file_mode_ns+0x221/0x560
[ 1539.509867]  internal_create_group+0x324/0xb30
[ 1539.510427]  ? sysfs_remove_group+0x170/0x170
[ 1539.510967]  ? kernfs_add_one+0x124/0x4d0
[ 1539.511490]  ? kernfs_create_link+0x1b7/0x230
[ 1539.512035]  internal_create_groups.part.0+0x90/0x140
[ 1539.512658]  sysfs_create_groups+0x25/0x50
[ 1539.513170]  device_add+0x7a9/0x1c50
[ 1539.513622]  ? lockdep_init_map_type+0x2c7/0x780
[ 1539.514193]  ? devlink_add_symlinks+0x970/0x970
[ 1539.514768]  netdev_register_kobject+0x17a/0x3b0
[ 1539.515361]  register_netdevice+0xd6e/0x1480
[ 1539.515896]  ? netdev_change_features+0xb0/0xb0
[ 1539.516460]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1539.516989]  __tun_chr_ioctl+0x2156/0x3f60
[ 1539.517508]  ? lock_downgrade+0x6d0/0x6d0
[ 1539.518009]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1539.518591]  ? tun_chr_poll+0x700/0x700
[ 1539.519069]  ? vfs_write+0x610/0xb10
[ 1539.519531]  ? wait_for_completion_io+0x270/0x270
[ 1539.520121]  ? selinux_file_ioctl+0xb6/0x270
[ 1539.520655]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1539.521198]  __x64_sys_ioctl+0x19a/0x210
[ 1539.521689]  do_syscall_64+0x33/0x40
[ 1539.522138]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1539.522754] RIP: 0033:0x7f7955930b19
[ 1539.523203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1539.525430] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1539.526347] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1539.527212] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1539.532098] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1539.532958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1539.533817] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1552.891513] FAULT_INJECTION: forcing a failure.
[ 1552.891513] name failslab, interval 1, probability 0, space 0, times 0
[ 1552.893082] CPU: 0 PID: 8606 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1552.893914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1552.894924] Call Trace:
[ 1552.895252]  dump_stack+0x107/0x167
[ 1552.895703]  should_fail.cold+0x5/0xa
[ 1552.896171]  ? create_object.isra.0+0x3a/0xa20
[ 1552.896727]  should_failslab+0x5/0x20
[ 1552.897189]  kmem_cache_alloc+0x5b/0x310
[ 1552.897683]  ? mark_held_locks+0x9e/0xe0
[ 1552.898177]  create_object.isra.0+0x3a/0xa20
[ 1552.898717]  kmemleak_alloc_percpu+0xa0/0x100
[ 1552.899263]  pcpu_alloc+0x4e2/0x1240
[ 1552.900452] FAULT_INJECTION: forcing a failure.
[ 1552.900452] name failslab, interval 1, probability 0, space 0, times 0
[ 1552.903801]  alloc_netdev_mqs+0x104/0xe80
[ 1552.903815]  ? tun_napi_poll+0x540/0x540
[ 1552.903832]  __tun_chr_ioctl+0x1b80/0x3f60
[ 1552.903846]  ? lock_downgrade+0x6d0/0x6d0
[ 1552.903859]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1552.903878]  ? tun_chr_poll+0x700/0x700
[ 1552.908362]  ? wait_for_completion_io+0x270/0x270
[ 1552.908953]  ? selinux_file_ioctl+0xb6/0x270
[ 1552.909494]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1552.910040]  __x64_sys_ioctl+0x19a/0x210
[ 1552.910537]  do_syscall_64+0x33/0x40
[ 1552.910988]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1552.911611] RIP: 0033:0x7fc68ced6b19
[ 1552.912074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1552.914303] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1552.915226] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1552.916104] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1552.916968] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1552.917833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1552.918699] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1552.919587] CPU: 1 PID: 8612 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1552.920458] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1552.921461] Call Trace:
[ 1552.921790]  dump_stack+0x107/0x167
[ 1552.922234]  should_fail.cold+0x5/0xa
[ 1552.922700]  ? create_object.isra.0+0x3a/0xa20
[ 1552.923257]  should_failslab+0x5/0x20
[ 1552.927748]  kmem_cache_alloc+0x5b/0x310
[ 1552.928254]  create_object.isra.0+0x3a/0xa20
[ 1552.928786]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1552.929402]  kmem_cache_alloc+0x159/0x310
[ 1552.929908]  __alloc_file+0x21/0x320
[ 1552.930358]  alloc_empty_file+0x6d/0x170
[ 1552.930852]  path_openat+0xe6/0x2770
20:05:26 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:05:26 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:05:26 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:05:26 executing program 4:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000002)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r6, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r2, 0x0)

20:05:26 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 5)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:05:26 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x4000)

20:05:26 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 5)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:05:26 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 45)

[ 1552.931304]  ? __lock_acquire+0x1657/0x5b00
[ 1552.939896]  ? path_lookupat+0x860/0x860
[ 1552.940396]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1552.941032]  ? lock_acquire+0x197/0x470
[ 1552.941517]  ? find_held_lock+0x2c/0x110
[ 1552.942017]  do_filp_open+0x190/0x3e0
[ 1552.942480]  ? may_open_dev+0xf0/0xf0
[ 1552.942947]  ? alloc_fd+0x2e7/0x670
[ 1552.943398]  ? lock_downgrade+0x6d0/0x6d0
[ 1552.943923]  ? do_raw_spin_lock+0x121/0x260
[ 1552.944448]  ? rwlock_bug.part.0+0x90/0x90
[ 1552.944966]  ? _raw_spin_unlock+0x1a/0x30
[ 1552.945468]  ? alloc_fd+0x2e7/0x670
[ 1552.945917]  do_sys_openat2+0x171/0x4d0
[ 1552.946403]  ? build_open_flags+0x6f0/0x6f0
[ 1552.946929]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1552.947518]  ? wait_for_completion_io+0x270/0x270
[ 1552.948120]  __x64_sys_openat+0x13f/0x1f0
[ 1552.948621]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1552.949132]  ? ksys_write+0x1a9/0x260
[ 1552.949597]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1552.950230]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1552.950853]  do_syscall_64+0x33/0x40
[ 1552.951304]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1552.951935] RIP: 0033:0x7f05ed26ab19
[ 1552.952386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1552.954600] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1552.955519] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1552.956392] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1552.957254] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1552.958114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
20:05:26 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x400000)

[ 1552.958974] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1552.999930] FAULT_INJECTION: forcing a failure.
[ 1552.999930] name failslab, interval 1, probability 0, space 0, times 0
[ 1553.001330] CPU: 1 PID: 8611 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1553.002154] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1553.003155] Call Trace:
[ 1553.003476]  dump_stack+0x107/0x167
[ 1553.003937]  should_fail.cold+0x5/0xa
[ 1553.004407]  ? create_object.isra.0+0x3a/0xa20
[ 1553.004964]  should_failslab+0x5/0x20
[ 1553.005447]  kmem_cache_alloc+0x5b/0x310
[ 1553.005966]  create_object.isra.0+0x3a/0xa20
[ 1553.006524]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1553.007171]  kmem_cache_alloc+0x159/0x310
[ 1553.007720]  __kernfs_new_node+0xd4/0x860
[ 1553.008234]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1553.008816]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1553.009411]  ? wait_for_completion_io+0x270/0x270
[ 1553.010000]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1553.010643]  kernfs_new_node+0x18d/0x250
[ 1553.011141]  __kernfs_create_file+0x51/0x350
[ 1553.011677]  sysfs_add_file_mode_ns+0x221/0x560
[ 1553.012262]  internal_create_group+0x324/0xb30
[ 1553.012822]  ? sysfs_remove_group+0x170/0x170
20:05:26 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:05:26 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

[ 1553.013366]  ? kernfs_add_one+0x124/0x4d0
[ 1553.024228]  ? kernfs_create_link+0x1b7/0x230
[ 1553.024780]  internal_create_groups.part.0+0x90/0x140
[ 1553.025411]  sysfs_create_groups+0x25/0x50
[ 1553.025928]  device_add+0x7a9/0x1c50
[ 1553.026388]  ? lockdep_init_map_type+0x2c7/0x780
[ 1553.026961]  ? devlink_add_symlinks+0x970/0x970
[ 1553.027535]  netdev_register_kobject+0x17a/0x3b0
[ 1553.028138]  register_netdevice+0xd6e/0x1480
[ 1553.028676]  ? netdev_change_features+0xb0/0xb0
[ 1553.029245]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1553.029788]  __tun_chr_ioctl+0x2156/0x3f60
[ 1553.030304]  ? lock_downgrade+0x6d0/0x6d0
[ 1553.030807]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1553.031394]  ? tun_chr_poll+0x700/0x700
[ 1553.031903]  ? wait_for_completion_io+0x270/0x270
[ 1553.032497]  ? selinux_file_ioctl+0xb6/0x270
[ 1553.033036]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1553.033584]  __x64_sys_ioctl+0x19a/0x210
[ 1553.034081]  do_syscall_64+0x33/0x40
[ 1553.034533]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1553.035162] RIP: 0033:0x7f7955930b19
[ 1553.035616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1553.037872] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1553.038797] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1553.039662] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1553.040553] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1553.041419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1553.042287] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:05:26 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 6)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:05:26 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 6)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1553.177567] FAULT_INJECTION: forcing a failure.
[ 1553.177567] name failslab, interval 1, probability 0, space 0, times 0
[ 1553.178990] CPU: 0 PID: 8626 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1553.179832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1553.180838] Call Trace:
[ 1553.181167]  dump_stack+0x107/0x167
[ 1553.181614]  should_fail.cold+0x5/0xa
[ 1553.182083]  ? security_file_alloc+0x34/0x170
[ 1553.182633]  should_failslab+0x5/0x20
[ 1553.183099]  kmem_cache_alloc+0x5b/0x310
[ 1553.183600]  security_file_alloc+0x34/0x170
[ 1553.184154]  __alloc_file+0xb7/0x320
[ 1553.184606]  alloc_empty_file+0x6d/0x170
[ 1553.185097]  path_openat+0xe6/0x2770
[ 1553.185549]  ? __lock_acquire+0x1657/0x5b00
[ 1553.186075]  ? path_lookupat+0x860/0x860
[ 1553.186567]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1553.187196]  ? lock_acquire+0x197/0x470
[ 1553.187676]  ? find_held_lock+0x2c/0x110
[ 1553.188201]  do_filp_open+0x190/0x3e0
[ 1553.188661]  ? may_open_dev+0xf0/0xf0
[ 1553.189124]  ? alloc_fd+0x2e7/0x670
[ 1553.189564]  ? lock_downgrade+0x6d0/0x6d0
[ 1553.190065]  ? do_raw_spin_lock+0x121/0x260
[ 1553.190587]  ? rwlock_bug.part.0+0x90/0x90
[ 1553.191103]  ? _raw_spin_unlock+0x1a/0x30
[ 1553.191601]  ? alloc_fd+0x2e7/0x670
[ 1553.192063]  do_sys_openat2+0x171/0x4d0
[ 1553.192546]  ? build_open_flags+0x6f0/0x6f0
[ 1553.193067]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1553.193653]  ? wait_for_completion_io+0x270/0x270
[ 1553.194239]  __x64_sys_openat+0x13f/0x1f0
[ 1553.194740]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1553.195249]  ? ksys_write+0x1a9/0x260
[ 1553.195722]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1553.196370]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1553.196994]  do_syscall_64+0x33/0x40
[ 1553.197445]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1553.198064] RIP: 0033:0x7f05ed26ab19
[ 1553.198517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1553.200762] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1553.201683] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1553.202545] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1553.203406] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1553.204295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1553.205157] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
20:05:26 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 46)

[ 1553.235016] FAULT_INJECTION: forcing a failure.
[ 1553.235016] name failslab, interval 1, probability 0, space 0, times 0
[ 1553.236593] CPU: 0 PID: 8628 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1553.237428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1553.238434] Call Trace:
[ 1553.238763]  dump_stack+0x107/0x167
[ 1553.239208]  should_fail.cold+0x5/0xa
[ 1553.239676]  ? __hw_addr_create_ex+0x5b/0x2c0
[ 1553.240262]  should_failslab+0x5/0x20
[ 1553.240728]  kmem_cache_alloc_trace+0x55/0x320
[ 1553.241290]  __hw_addr_create_ex+0x5b/0x2c0
[ 1553.241825]  __hw_addr_add_ex+0x1ed/0x2b0
[ 1553.242334]  dev_addr_init+0x10b/0x1f0
[ 1553.242809]  ? __hw_addr_ref_sync_dev+0x3b0/0x3b0
[ 1553.243409]  alloc_netdev_mqs+0x13c/0xe80
[ 1553.243940]  ? tun_napi_poll+0x540/0x540
[ 1553.244444]  __tun_chr_ioctl+0x1b80/0x3f60
[ 1553.244963]  ? lock_downgrade+0x6d0/0x6d0
[ 1553.245472]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1553.246059]  ? tun_chr_poll+0x700/0x700
[ 1553.246545]  ? wait_for_completion_io+0x270/0x270
[ 1553.247140]  ? selinux_file_ioctl+0xb6/0x270
[ 1553.247679]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1553.248248]  __x64_sys_ioctl+0x19a/0x210
[ 1553.248769]  do_syscall_64+0x33/0x40
[ 1553.249222]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1553.249844] RIP: 0033:0x7fc68ced6b19
[ 1553.250296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1553.252551] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1553.253470] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1553.254330] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1553.255188] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1553.256078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1553.256951] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1553.258654] FAULT_INJECTION: forcing a failure.
[ 1553.258654] name failslab, interval 1, probability 0, space 0, times 0
[ 1553.260221] CPU: 1 PID: 8631 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1553.261056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1553.262059] Call Trace:
[ 1553.262389]  dump_stack+0x107/0x167
[ 1553.262836]  should_fail.cold+0x5/0xa
20:05:26 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1553.263306]  ? __kernfs_new_node+0xd4/0x860
[ 1553.268041]  should_failslab+0x5/0x20
[ 1553.268507]  kmem_cache_alloc+0x5b/0x310
[ 1553.269006]  __kernfs_new_node+0xd4/0x860
[ 1553.269515]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1553.270097]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1553.270685]  ? wait_for_completion_io+0x270/0x270
[ 1553.271273]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1553.271931]  kernfs_new_node+0x18d/0x250
[ 1553.272428]  __kernfs_create_file+0x51/0x350
[ 1553.272971]  sysfs_add_file_mode_ns+0x221/0x560
[ 1553.273542]  internal_create_group+0x324/0xb30
[ 1553.274102]  ? sysfs_remove_group+0x170/0x170
[ 1553.274646]  ? kernfs_add_one+0x124/0x4d0
[ 1553.275153]  ? kernfs_create_link+0x1b7/0x230
[ 1553.275700]  internal_create_groups.part.0+0x90/0x140
[ 1553.276350]  sysfs_create_groups+0x25/0x50
[ 1553.276866]  device_add+0x7a9/0x1c50
[ 1553.277324]  ? lockdep_init_map_type+0x2c7/0x780
[ 1553.277899]  ? devlink_add_symlinks+0x970/0x970
[ 1553.278473]  netdev_register_kobject+0x17a/0x3b0
[ 1553.279052]  register_netdevice+0xd6e/0x1480
[ 1553.279589]  ? netdev_change_features+0xb0/0xb0
[ 1553.280175]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1553.280706]  __tun_chr_ioctl+0x2156/0x3f60
[ 1553.281221]  ? lock_downgrade+0x6d0/0x6d0
[ 1553.281725]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1553.282310]  ? tun_chr_poll+0x700/0x700
[ 1553.282793]  ? wait_for_completion_io+0x270/0x270
[ 1553.283386]  ? selinux_file_ioctl+0xb6/0x270
[ 1553.283938]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1553.284486]  __x64_sys_ioctl+0x19a/0x210
[ 1553.284981]  do_syscall_64+0x33/0x40
[ 1553.285433]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1553.286054] RIP: 0033:0x7f7955930b19
[ 1553.286507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1553.292764] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1553.293685] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1553.294546] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1553.295410] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1553.296309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1553.297173] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:05:26 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x800000)

20:05:26 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:05:40 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 7)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:05:40 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 47)

20:05:40 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:05:40 executing program 4:
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYRESOCT=r0, @ANYRESHEX=r1, @ANYBLOB="2c6d73697a65d56b00003030303030303030303830303030332c00"])
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000080)={0x0, 0x1, 0x123, 0x7f})
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020101000440008000f801", 0x17}, {0x0, 0x0, 0xa00}], 0x0, &(0x7f0000000040)={[{@fat=@sys_immutable}]})

20:05:40 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:05:40 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

[ 1567.168627] FAULT_INJECTION: forcing a failure.
[ 1567.168627] name failslab, interval 1, probability 0, space 0, times 0
[ 1567.170182] CPU: 1 PID: 8653 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1567.171008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1567.172014] Call Trace:
[ 1567.172362]  dump_stack+0x107/0x167
[ 1567.172806]  should_fail.cold+0x5/0xa
[ 1567.173274]  ? create_object.isra.0+0x3a/0xa20
[ 1567.173848]  should_failslab+0x5/0x20
[ 1567.174312]  kmem_cache_alloc+0x5b/0x310
[ 1567.174805]  create_object.isra.0+0x3a/0xa20
[ 1567.175339]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1567.175956]  kmem_cache_alloc+0x159/0x310
[ 1567.176483]  __kernfs_new_node+0xd4/0x860
[ 1567.176988]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1567.177567]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1567.178154]  ? wait_for_completion_io+0x270/0x270
[ 1567.178743]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1567.179384]  kernfs_new_node+0x18d/0x250
[ 1567.179879]  __kernfs_create_file+0x51/0x350
[ 1567.180288] 9pnet: Insufficient options for proto=fd
[ 1567.180431]  sysfs_add_file_mode_ns+0x221/0x560
[ 1567.180457]  internal_create_group+0x324/0xb30
[ 1567.182196]  ? sysfs_remove_group+0x170/0x170
[ 1567.182748]  ? kernfs_add_one+0x124/0x4d0
[ 1567.183254]  ? kernfs_create_link+0x1b7/0x230
20:05:40 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 7)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:05:40 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x1000000)

[ 1567.183799]  internal_create_groups.part.0+0x90/0x140
[ 1567.188468]  sysfs_create_groups+0x25/0x50
[ 1567.188991]  device_add+0x7a9/0x1c50
[ 1567.189450]  ? lockdep_init_map_type+0x2c7/0x780
[ 1567.190022]  ? devlink_add_symlinks+0x970/0x970
[ 1567.190593]  netdev_register_kobject+0x17a/0x3b0
[ 1567.191169]  register_netdevice+0xd6e/0x1480
[ 1567.200731]  ? netdev_change_features+0xb0/0xb0
[ 1567.201306]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1567.201837]  __tun_chr_ioctl+0x2156/0x3f60
[ 1567.202351]  ? lock_downgrade+0x6d0/0x6d0
[ 1567.202855]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1567.203439]  ? tun_chr_poll+0x700/0x700
[ 1567.203924]  ? wait_for_completion_io+0x270/0x270
[ 1567.204528]  ? selinux_file_ioctl+0xb6/0x270
[ 1567.205067]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1567.205618]  __x64_sys_ioctl+0x19a/0x210
[ 1567.206112]  do_syscall_64+0x33/0x40
[ 1567.206563]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1567.207185] RIP: 0033:0x7f7955930b19
[ 1567.207643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1567.209877] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1567.210799] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1567.211668] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1567.212540] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1567.213403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1567.214269] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1567.229885] FAULT_INJECTION: forcing a failure.
[ 1567.229885] name failslab, interval 1, probability 0, space 0, times 0
[ 1567.231344] CPU: 1 PID: 8661 Comm: syz-executor.5 Not tainted 5.10.226 #1
20:05:40 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1567.232171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1567.233187] Call Trace:
[ 1567.233510]  dump_stack+0x107/0x167
[ 1567.233951]  should_fail.cold+0x5/0xa
[ 1567.234415]  ? create_object.isra.0+0x3a/0xa20
[ 1567.234969]  should_failslab+0x5/0x20
[ 1567.244405]  kmem_cache_alloc+0x5b/0x310
[ 1567.244900]  ? percpu_ref_put_many.constprop.0+0x4e/0x110
[ 1567.245565]  create_object.isra.0+0x3a/0xa20
[ 1567.246098]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1567.246715]  kmem_cache_alloc+0x159/0x310
[ 1567.247225]  security_file_alloc+0x34/0x170
[ 1567.247748]  __alloc_file+0xb7/0x320
[ 1567.248199]  alloc_empty_file+0x6d/0x170
[ 1567.248706]  path_openat+0xe6/0x2770
[ 1567.249159]  ? __lock_acquire+0x1657/0x5b00
[ 1567.249685]  ? path_lookupat+0x860/0x860
[ 1567.250179]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1567.250815]  ? lock_acquire+0x197/0x470
[ 1567.251296]  ? find_held_lock+0x2c/0x110
[ 1567.251793]  do_filp_open+0x190/0x3e0
[ 1567.252267]  ? may_open_dev+0xf0/0xf0
[ 1567.252737]  ? alloc_fd+0x2e7/0x670
[ 1567.253178]  ? lock_downgrade+0x6d0/0x6d0
[ 1567.253681]  ? do_raw_spin_lock+0x121/0x260
[ 1567.254204]  ? rwlock_bug.part.0+0x90/0x90
[ 1567.254721]  ? _raw_spin_unlock+0x1a/0x30
[ 1567.255221]  ? alloc_fd+0x2e7/0x670
[ 1567.255669]  do_sys_openat2+0x171/0x4d0
[ 1567.256152]  ? build_open_flags+0x6f0/0x6f0
[ 1567.256691]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1567.257278]  ? wait_for_completion_io+0x270/0x270
[ 1567.257866]  __x64_sys_openat+0x13f/0x1f0
[ 1567.258367]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1567.258878]  ? ksys_write+0x1a9/0x260
[ 1567.259344]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1567.259977]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1567.260613]  do_syscall_64+0x33/0x40
[ 1567.261065]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1567.261685] RIP: 0033:0x7f05ed26ab19
[ 1567.262138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1567.268402] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1567.269321] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1567.270182] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1567.271041] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1567.271902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1567.272780] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1567.298217] FAULT_INJECTION: forcing a failure.
[ 1567.298217] name failslab, interval 1, probability 0, space 0, times 0
[ 1567.299696] CPU: 1 PID: 8657 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1567.300539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1567.301540] Call Trace:
[ 1567.301869]  dump_stack+0x107/0x167
[ 1567.302313]  should_fail.cold+0x5/0xa
[ 1567.302780]  ? create_object.isra.0+0x3a/0xa20
[ 1567.303341]  should_failslab+0x5/0x20
[ 1567.303804]  kmem_cache_alloc+0x5b/0x310
[ 1567.304319]  ? lock_release+0x680/0x680
[ 1567.304805]  create_object.isra.0+0x3a/0xa20
[ 1567.305341]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1567.305962]  kmem_cache_alloc_trace+0x151/0x320
[ 1567.306559]  __hw_addr_create_ex+0x5b/0x2c0
[ 1567.307108]  __hw_addr_add_ex+0x1ed/0x2b0
[ 1567.307636]  dev_addr_init+0x10b/0x1f0
[ 1567.308110]  ? __hw_addr_ref_sync_dev+0x3b0/0x3b0
[ 1567.308718]  alloc_netdev_mqs+0x13c/0xe80
[ 1567.309223]  ? tun_napi_poll+0x540/0x540
[ 1567.309721]  __tun_chr_ioctl+0x1b80/0x3f60
[ 1567.310236]  ? lock_downgrade+0x6d0/0x6d0
[ 1567.310742]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1567.311327]  ? tun_chr_poll+0x700/0x700
[ 1567.311812]  ? wait_for_completion_io+0x270/0x270
[ 1567.312417]  ? selinux_file_ioctl+0xb6/0x270
[ 1567.312956]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1567.313502]  __x64_sys_ioctl+0x19a/0x210
[ 1567.313998]  do_syscall_64+0x33/0x40
[ 1567.314450]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1567.315072] RIP: 0033:0x7fc68ced6b19
[ 1567.315525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1567.321780] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1567.322703] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1567.323567] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1567.324445] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1567.325304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1567.326163] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:05:40 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x80000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0)
write$P9_RREADLINK(r3, &(0x7f0000000080)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10)
dup2(r2, r1)

20:05:40 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:05:40 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x20000000)

20:05:40 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:05:40 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 8)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:05:40 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 8)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:05:40 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:05:40 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 48)

20:05:40 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:05:40 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1567.571480] FAULT_INJECTION: forcing a failure.
[ 1567.571480] name failslab, interval 1, probability 0, space 0, times 0
[ 1567.572962] CPU: 0 PID: 8687 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1567.573793] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1567.574796] Call Trace:
[ 1567.575123]  dump_stack+0x107/0x167
[ 1567.575569]  should_fail.cold+0x5/0xa
[ 1567.576037]  ? tty_alloc_file+0x3d/0xa0
[ 1567.576568]  should_failslab+0x5/0x20
[ 1567.577039]  kmem_cache_alloc_trace+0x55/0x320
[ 1567.577596]  ? kobject_get_unless_zero+0x15a/0x1e0
[ 1567.578199]  ? pty_open+0x310/0x310
[ 1567.578643]  tty_alloc_file+0x3d/0xa0
[ 1567.579107]  ptmx_open+0x63/0x370
[ 1567.579531]  ? pty_open+0x310/0x310
[ 1567.579973]  chrdev_open+0x268/0x6e0
[ 1567.580442]  ? __unregister_chrdev+0x110/0x110
[ 1567.581003]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1567.581576]  do_dentry_open+0x4b7/0x1090
[ 1567.582071]  ? __unregister_chrdev+0x110/0x110
[ 1567.582625]  ? may_open+0x1e4/0x400
[ 1567.583077]  path_openat+0x19ba/0x2770
[ 1567.583561]  ? path_lookupat+0x860/0x860
[ 1567.584058]  ? lock_acquire+0x197/0x470
[ 1567.584555]  ? find_held_lock+0x2c/0x110
[ 1567.585056]  do_filp_open+0x190/0x3e0
[ 1567.585519]  ? may_open_dev+0xf0/0xf0
[ 1567.585991]  ? do_raw_spin_lock+0x121/0x260
[ 1567.586520]  ? rwlock_bug.part.0+0x90/0x90
[ 1567.587044]  ? _raw_spin_unlock+0x1a/0x30
[ 1567.587552]  ? alloc_fd+0x2e7/0x670
[ 1567.588011]  do_sys_openat2+0x171/0x4d0
[ 1567.588510]  ? build_open_flags+0x6f0/0x6f0
[ 1567.589034]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1567.589626]  ? wait_for_completion_io+0x270/0x270
[ 1567.590228]  __x64_sys_openat+0x13f/0x1f0
[ 1567.590740]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1567.591252]  ? ksys_write+0x1a9/0x260
[ 1567.591721]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1567.592379]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1567.593007]  do_syscall_64+0x33/0x40
[ 1567.593460]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1567.594083] RIP: 0033:0x7f05ed26ab19
[ 1567.594536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1567.596851] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1567.597783] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1567.598649] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1567.599515] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1567.600402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1567.601267] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1567.616155] FAULT_INJECTION: forcing a failure.
[ 1567.616155] name failslab, interval 1, probability 0, space 0, times 0
[ 1567.617571] CPU: 0 PID: 8692 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1567.618396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1567.619401] Call Trace:
[ 1567.619726]  dump_stack+0x107/0x167
[ 1567.620169]  should_fail.cold+0x5/0xa
[ 1567.620647]  ? __kernfs_new_node+0xd4/0x860
[ 1567.621179]  should_failslab+0x5/0x20
[ 1567.621644]  kmem_cache_alloc+0x5b/0x310
[ 1567.622143]  __kernfs_new_node+0xd4/0x860
[ 1567.622653]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1567.623241]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1567.623830]  ? wait_for_completion_io+0x270/0x270
[ 1567.624449]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1567.625094]  kernfs_new_node+0x18d/0x250
[ 1567.625594]  __kernfs_create_file+0x51/0x350
[ 1567.626131]  sysfs_add_file_mode_ns+0x221/0x560
[ 1567.626703]  internal_create_group+0x324/0xb30
[ 1567.627263]  ? sysfs_remove_group+0x170/0x170
[ 1567.627808]  ? kernfs_add_one+0x124/0x4d0
[ 1567.628337]  ? kernfs_create_link+0x1b7/0x230
[ 1567.628885]  internal_create_groups.part.0+0x90/0x140
[ 1567.629513]  sysfs_create_groups+0x25/0x50
[ 1567.630031]  device_add+0x7a9/0x1c50
[ 1567.630500]  ? lockdep_init_map_type+0x2c7/0x780
[ 1567.631100]  ? devlink_add_symlinks+0x970/0x970
[ 1567.631676]  netdev_register_kobject+0x17a/0x3b0
[ 1567.632265]  register_netdevice+0xd6e/0x1480
[ 1567.632805]  ? netdev_change_features+0xb0/0xb0
[ 1567.633376]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1567.633909]  __tun_chr_ioctl+0x2156/0x3f60
[ 1567.634432]  ? lock_downgrade+0x6d0/0x6d0
[ 1567.634937]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1567.635525]  ? tun_chr_poll+0x700/0x700
[ 1567.636012]  ? wait_for_completion_io+0x270/0x270
[ 1567.636623]  ? selinux_file_ioctl+0xb6/0x270
[ 1567.637162]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1567.637712]  __x64_sys_ioctl+0x19a/0x210
[ 1567.638213]  do_syscall_64+0x33/0x40
[ 1567.638670]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1567.639293] RIP: 0033:0x7f7955930b19
[ 1567.639746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1567.641996] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1567.642922] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1567.643795] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1567.644672] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1567.645538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1567.646404] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1567.696293] FAULT_INJECTION: forcing a failure.
[ 1567.696293] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1567.697894] CPU: 1 PID: 8689 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1567.698732] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1567.699743] Call Trace:
[ 1567.700078]  dump_stack+0x107/0x167
[ 1567.700540]  should_fail.cold+0x5/0xa
[ 1567.701013]  __alloc_pages_nodemask+0x182/0x600
[ 1567.701597]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1567.702332]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1567.702956]  ? __hw_addr_create_ex+0x223/0x2c0
[ 1567.703547]  kmalloc_large_node+0x55/0x1a0
[ 1567.704088]  __kmalloc_node+0x30d/0x420
[ 1567.704597]  kvmalloc_node+0xc0/0x170
[ 1567.705064]  alloc_netdev_mqs+0x774/0xe80
[ 1567.705575]  __tun_chr_ioctl+0x1b80/0x3f60
[ 1567.706093]  ? lock_downgrade+0x6d0/0x6d0
[ 1567.706601]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1567.707187]  ? tun_chr_poll+0x700/0x700
[ 1567.707672]  ? wait_for_completion_io+0x270/0x270
[ 1567.708277]  ? selinux_file_ioctl+0xb6/0x270
[ 1567.708816]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1567.709365]  __x64_sys_ioctl+0x19a/0x210
[ 1567.709859]  do_syscall_64+0x33/0x40
[ 1567.710313]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1567.710934] RIP: 0033:0x7fc68ced6b19
[ 1567.711388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1567.713643] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1567.714570] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1567.715437] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1567.716316] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1567.717183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1567.718048] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:05:54 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:05:54 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 9)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:05:54 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

[ 1581.374954] FAULT_INJECTION: forcing a failure.
[ 1581.374954] name failslab, interval 1, probability 0, space 0, times 0
[ 1581.376490] CPU: 0 PID: 8709 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1581.377334] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1581.378332] Call Trace:
[ 1581.378660]  dump_stack+0x107/0x167
[ 1581.379102]  should_fail.cold+0x5/0xa
[ 1581.379566]  ? create_object.isra.0+0x3a/0xa20
[ 1581.380121]  should_failslab+0x5/0x20
[ 1581.380584]  kmem_cache_alloc+0x5b/0x310
[ 1581.381107]  create_object.isra.0+0x3a/0xa20
[ 1581.381640]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1581.382255]  kmem_cache_alloc_trace+0x151/0x320
[ 1581.382822]  ? pty_open+0x310/0x310
[ 1581.383265]  tty_alloc_file+0x3d/0xa0
[ 1581.383725]  ptmx_open+0x63/0x370
[ 1581.384146]  ? pty_open+0x310/0x310
[ 1581.384586]  chrdev_open+0x268/0x6e0
[ 1581.385067]  ? __unregister_chrdev+0x110/0x110
[ 1581.385624]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1581.386189]  do_dentry_open+0x4b7/0x1090
[ 1581.386679]  ? __unregister_chrdev+0x110/0x110
[ 1581.387228]  ? may_open+0x1e4/0x400
[ 1581.387670]  path_openat+0x19ba/0x2770
[ 1581.388146]  ? path_lookupat+0x860/0x860
[ 1581.388640]  ? lock_acquire+0x197/0x470
[ 1581.389156]  ? find_held_lock+0x2c/0x110
[ 1581.389656]  do_filp_open+0x190/0x3e0
[ 1581.390114]  ? may_open_dev+0xf0/0xf0
[ 1581.390582]  ? do_raw_spin_lock+0x121/0x260
[ 1581.391103]  ? rwlock_bug.part.0+0x90/0x90
[ 1581.391620]  ? _raw_spin_unlock+0x1a/0x30
[ 1581.392120]  ? alloc_fd+0x2e7/0x670
[ 1581.392567]  do_sys_openat2+0x171/0x4d0
[ 1581.393178]  ? build_open_flags+0x6f0/0x6f0
[ 1581.393742]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1581.394371]  ? wait_for_completion_io+0x270/0x270
[ 1581.394998]  __x64_sys_openat+0x13f/0x1f0
[ 1581.395540]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1581.404823]  ? ksys_write+0x1a9/0x260
[ 1581.405328]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1581.406005]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1581.406676]  do_syscall_64+0x33/0x40
[ 1581.407159]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1581.407817] RIP: 0033:0x7f05ed26ab19
[ 1581.408302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1581.410687] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1581.411670] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1581.412520] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1581.413444] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1581.414370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1581.415303] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
20:05:54 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
dup2(r2, r1)
r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x107142, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/timers\x00', 0x0, 0x0)
openat(r4, &(0x7f00000000c0)='./file1\x00', 0x10042, 0x3a)
sendfile(r3, r1, 0x0, 0x7ffffff9)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x401c5820, &(0x7f0000000040))

20:05:54 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, 0x0, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:05:54 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 49)

20:05:54 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 9)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:05:54 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x7ffffffff000)

20:05:54 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

[ 1581.471427] FAULT_INJECTION: forcing a failure.
[ 1581.471427] name failslab, interval 1, probability 0, space 0, times 0
[ 1581.473007] CPU: 0 PID: 8708 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1581.481593] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1581.482654] Call Trace:
[ 1581.482996]  dump_stack+0x107/0x167
[ 1581.483477]  should_fail.cold+0x5/0xa
[ 1581.483982]  ? create_object.isra.0+0x3a/0xa20
[ 1581.484587]  should_failslab+0x5/0x20
[ 1581.485109]  kmem_cache_alloc+0x5b/0x310
[ 1581.485653]  create_object.isra.0+0x3a/0xa20
[ 1581.486229]  ? kasan_unpoison_shadow+0x33/0x50
[ 1581.486832]  kmalloc_large_node+0x124/0x1a0
[ 1581.487406]  __kmalloc_node+0x30d/0x420
[ 1581.487936]  kvmalloc_node+0xc0/0x170
[ 1581.488446]  alloc_netdev_mqs+0x774/0xe80
[ 1581.489020]  __tun_chr_ioctl+0x1b80/0x3f60
[ 1581.489583]  ? lock_downgrade+0x6d0/0x6d0
[ 1581.490123]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1581.490755]  ? tun_chr_poll+0x700/0x700
[ 1581.491281]  ? wait_for_completion_io+0x270/0x270
[ 1581.491928]  ? selinux_file_ioctl+0xb6/0x270
[ 1581.492521]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1581.493130]  __x64_sys_ioctl+0x19a/0x210
[ 1581.493689]  do_syscall_64+0x33/0x40
[ 1581.494186]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1581.494867] RIP: 0033:0x7fc68ced6b19
[ 1581.495363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1581.497721] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1581.498639] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1581.499499] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1581.500358] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1581.501289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1581.502241] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1581.557585] FAULT_INJECTION: forcing a failure.
[ 1581.557585] name failslab, interval 1, probability 0, space 0, times 0
[ 1581.558979] CPU: 0 PID: 8710 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1581.559804] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1581.560820] Call Trace:
[ 1581.561147]  dump_stack+0x107/0x167
[ 1581.561592]  should_fail.cold+0x5/0xa
[ 1581.562059]  ? create_object.isra.0+0x3a/0xa20
[ 1581.562617]  should_failslab+0x5/0x20
[ 1581.563080]  kmem_cache_alloc+0x5b/0x310
[ 1581.563577]  create_object.isra.0+0x3a/0xa20
[ 1581.564113]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1581.564761]  kmem_cache_alloc+0x159/0x310
[ 1581.565452]  __kernfs_new_node+0xd4/0x860
[ 1581.566893]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1581.568536]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1581.570224]  ? wait_for_completion_io+0x270/0x270
[ 1581.571866]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1581.573517]  kernfs_new_node+0x18d/0x250
[ 1581.574751]  __kernfs_create_file+0x51/0x350
[ 1581.575289]  sysfs_add_file_mode_ns+0x221/0x560
[ 1581.578522]  internal_create_group+0x324/0xb30
[ 1581.579082]  ? sysfs_remove_group+0x170/0x170
[ 1581.579623]  ? kernfs_add_one+0x124/0x4d0
[ 1581.580125]  ? kernfs_create_link+0x1b7/0x230
[ 1581.580669]  internal_create_groups.part.0+0x90/0x140
[ 1581.581310]  sysfs_create_groups+0x25/0x50
[ 1581.581823]  device_add+0x7a9/0x1c50
[ 1581.582278]  ? lockdep_init_map_type+0x2c7/0x780
[ 1581.582849]  ? devlink_add_symlinks+0x970/0x970
[ 1581.583418]  netdev_register_kobject+0x17a/0x3b0
[ 1581.593221]  register_netdevice+0xd6e/0x1480
[ 1581.593774]  ? netdev_change_features+0xb0/0xb0
[ 1581.594340]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1581.594868]  __tun_chr_ioctl+0x2156/0x3f60
[ 1581.595381]  ? lock_downgrade+0x6d0/0x6d0
[ 1581.595883]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1581.596466]  ? tun_chr_poll+0x700/0x700
[ 1581.596968]  ? wait_for_completion_io+0x270/0x270
[ 1581.597561]  ? selinux_file_ioctl+0xb6/0x270
[ 1581.598098]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1581.598643]  __x64_sys_ioctl+0x19a/0x210
[ 1581.599136]  do_syscall_64+0x33/0x40
[ 1581.599586]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1581.600205] RIP: 0033:0x7f7955930b19
[ 1581.600655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1581.602896] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1581.613914] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1581.614775] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1581.615631] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1581.616487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1581.617358] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:06:08 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x0, 0x2, 0x1, 0x0, 0x0)

20:06:08 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:06:08 executing program 4:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:06:08 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 50)

20:06:08 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 10)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:06:08 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, 0x0, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:06:08 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 10)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:06:08 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x40000000000000)

[ 1595.568602] FAULT_INJECTION: forcing a failure.
[ 1595.568602] name failslab, interval 1, probability 0, space 0, times 0
[ 1595.586397] CPU: 1 PID: 8738 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1595.587232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1595.588234] Call Trace:
[ 1595.588563]  dump_stack+0x107/0x167
[ 1595.589007]  should_fail.cold+0x5/0xa
[ 1595.589490]  ? alloc_tty_struct+0x95/0x8e0
[ 1595.590008]  should_failslab+0x5/0x20
[ 1595.590471]  kmem_cache_alloc_trace+0x55/0x320
[ 1595.591024]  ? ptmx_open+0x107/0x370
[ 1595.591479]  ? pty_open+0x310/0x310
[ 1595.591918]  alloc_tty_struct+0x95/0x8e0
[ 1595.592409]  ? __do_SAK+0x30/0x30
[ 1595.592834]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1595.593438]  ? pty_open+0x310/0x310
[ 1595.593878]  tty_init_dev.part.0+0x20/0x610
[ 1595.594403]  ? pty_open+0x310/0x310
[ 1595.594842]  tty_init_dev+0x5b/0x80
[ 1595.595285]  ptmx_open+0x116/0x370
[ 1595.595720]  ? pty_open+0x310/0x310
[ 1595.596162]  chrdev_open+0x268/0x6e0
[ 1595.596615]  ? __unregister_chrdev+0x110/0x110
[ 1595.597172]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1595.597755]  do_dentry_open+0x4b7/0x1090
[ 1595.598251]  ? __unregister_chrdev+0x110/0x110
[ 1595.598810]  ? may_open+0x1e4/0x400
[ 1595.599255]  path_openat+0x19ba/0x2770
[ 1595.599736]  ? path_lookupat+0x860/0x860
[ 1595.600234]  ? lock_acquire+0x197/0x470
[ 1595.600715]  ? find_held_lock+0x2c/0x110
[ 1595.601230]  do_filp_open+0x190/0x3e0
[ 1595.601746]  ? may_open_dev+0xf0/0xf0
[ 1595.602260]  ? do_raw_spin_lock+0x121/0x260
[ 1595.602829]  ? rwlock_bug.part.0+0x90/0x90
[ 1595.603394]  ? _raw_spin_unlock+0x1a/0x30
[ 1595.603938]  ? alloc_fd+0x2e7/0x670
[ 1595.604431]  do_sys_openat2+0x171/0x4d0
[ 1595.604964]  ? build_open_flags+0x6f0/0x6f0
[ 1595.605552]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1595.606154]  ? wait_for_completion_io+0x270/0x270
[ 1595.606742]  __x64_sys_openat+0x13f/0x1f0
[ 1595.607243]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1595.607758]  ? ksys_write+0x1a9/0x260
[ 1595.608223]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1595.608855]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1595.609495]  do_syscall_64+0x33/0x40
[ 1595.609946]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1595.610565] RIP: 0033:0x7f05ed26ab19
[ 1595.611017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1595.613247] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1595.614172] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1595.615039] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1595.615901] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1595.616762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1595.617647] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1595.651418] FAULT_INJECTION: forcing a failure.
[ 1595.651418] name failslab, interval 1, probability 0, space 0, times 0
[ 1595.652953] CPU: 1 PID: 8732 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1595.653858] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1595.654932] Call Trace:
[ 1595.655287]  dump_stack+0x107/0x167
[ 1595.655771]  should_fail.cold+0x5/0xa
[ 1595.656275]  ? create_object.isra.0+0x3a/0xa20
[ 1595.656871]  should_failslab+0x5/0x20
[ 1595.657386]  kmem_cache_alloc+0x5b/0x310
[ 1595.657976]  create_object.isra.0+0x3a/0xa20
[ 1595.658508]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1595.659125]  kmem_cache_alloc+0x159/0x310
[ 1595.659633]  __kernfs_new_node+0xd4/0x860
[ 1595.660138]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1595.660716]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1595.661340]  ? wait_for_completion_io+0x270/0x270
[ 1595.661975]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1595.662662]  kernfs_new_node+0x18d/0x250
[ 1595.663203]  __kernfs_create_file+0x51/0x350
[ 1595.663782]  sysfs_add_file_mode_ns+0x221/0x560
[ 1595.664399]  internal_create_group+0x324/0xb30
[ 1595.665012]  ? sysfs_remove_group+0x170/0x170
[ 1595.665616]  ? kernfs_add_one+0x124/0x4d0
[ 1595.666151]  ? kernfs_create_link+0x1b7/0x230
[ 1595.666729]  internal_create_groups.part.0+0x90/0x140
[ 1595.667401]  sysfs_create_groups+0x25/0x50
[ 1595.667964]  device_add+0x7a9/0x1c50
[ 1595.668462]  ? lockdep_init_map_type+0x2c7/0x780
[ 1595.669082]  ? devlink_add_symlinks+0x970/0x970
[ 1595.669715]  netdev_register_kobject+0x17a/0x3b0
[ 1595.670335]  register_netdevice+0xd6e/0x1480
[ 1595.670918]  ? netdev_change_features+0xb0/0xb0
[ 1595.671533]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1595.672116]  __tun_chr_ioctl+0x2156/0x3f60
[ 1595.672684]  ? lock_downgrade+0x6d0/0x6d0
[ 1595.673251]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1595.673887]  ? tun_chr_poll+0x700/0x700
[ 1595.674416]  ? wait_for_completion_io+0x270/0x270
[ 1595.675058]  ? selinux_file_ioctl+0xb6/0x270
[ 1595.675651]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1595.676246]  __x64_sys_ioctl+0x19a/0x210
[ 1595.676810]  do_syscall_64+0x33/0x40
[ 1595.677275]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1595.677898] RIP: 0033:0x7f7955930b19
[ 1595.678350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1595.680580] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1595.681544] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1595.682406] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1595.683267] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1595.684128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1595.684987] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:06:09 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 11)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1595.718457] FAULT_INJECTION: forcing a failure.
[ 1595.718457] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1595.721825] CPU: 0 PID: 8745 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1595.722409] FAULT_INJECTION: forcing a failure.
[ 1595.722409] name failslab, interval 1, probability 0, space 0, times 0
[ 1595.722691] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1595.722700] Call Trace:
[ 1595.725560]  dump_stack+0x107/0x167
[ 1595.726512]  should_fail.cold+0x5/0xa
[ 1595.727512]  __alloc_pages_nodemask+0x182/0x600
[ 1595.728728]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1595.729774]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1595.730421]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1595.731050]  kmalloc_large_node+0x55/0x1a0
[ 1595.731574]  ? lockdep_init_map_type+0x2c7/0x780
[ 1595.732164]  __kmalloc_node+0x30d/0x420
[ 1595.732652]  ? lockdep_init_map_type+0x2c7/0x780
[ 1595.733287]  kvmalloc_node+0xc0/0x170
[ 1595.733770]  alloc_netdev_mqs+0x911/0xe80
[ 1595.734296]  __tun_chr_ioctl+0x1b80/0x3f60
[ 1595.734821]  ? lock_downgrade+0x6d0/0x6d0
[ 1595.735342]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1595.735932]  ? tun_chr_poll+0x700/0x700
[ 1595.736429]  ? wait_for_completion_io+0x270/0x270
[ 1595.737027]  ? selinux_file_ioctl+0xb6/0x270
[ 1595.737621]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1595.738180]  __x64_sys_ioctl+0x19a/0x210
[ 1595.738680]  do_syscall_64+0x33/0x40
[ 1595.739143]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1595.739770] RIP: 0033:0x7fc68ced6b19
[ 1595.740234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1595.743901] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1595.745519] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1595.746396] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1595.747274] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1595.748148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1595.749016] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1595.749945] CPU: 1 PID: 8749 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1595.750810] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1595.751807] Call Trace:
[ 1595.752126]  dump_stack+0x107/0x167
[ 1595.752566]  should_fail.cold+0x5/0xa
[ 1595.753027]  ? alloc_tty_struct+0x95/0x8e0
[ 1595.753584]  should_failslab+0x5/0x20
[ 1595.754045]  kmem_cache_alloc_trace+0x55/0x320
[ 1595.754596]  ? ptmx_open+0x107/0x370
[ 1595.755047]  ? pty_open+0x310/0x310
[ 1595.755484]  alloc_tty_struct+0x95/0x8e0
[ 1595.755971]  ? __do_SAK+0x30/0x30
[ 1595.756393]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1595.756981]  ? pty_open+0x310/0x310
[ 1595.757449]  tty_init_dev.part.0+0x20/0x610
[ 1595.757973]  ? pty_open+0x310/0x310
[ 1595.758410]  tty_init_dev+0x5b/0x80
[ 1595.758850]  ptmx_open+0x116/0x370
[ 1595.759281]  ? pty_open+0x310/0x310
[ 1595.759720]  chrdev_open+0x268/0x6e0
[ 1595.760175]  ? __unregister_chrdev+0x110/0x110
[ 1595.760728]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1595.761352]  do_dentry_open+0x4b7/0x1090
[ 1595.761886]  ? __unregister_chrdev+0x110/0x110
[ 1595.762487]  ? may_open+0x1e4/0x400
[ 1595.762967]  path_openat+0x19ba/0x2770
[ 1595.763487]  ? path_lookupat+0x860/0x860
[ 1595.764021]  ? lock_acquire+0x197/0x470
[ 1595.764539]  ? find_held_lock+0x2c/0x110
[ 1595.765060]  do_filp_open+0x190/0x3e0
[ 1595.765550]  ? may_open_dev+0xf0/0xf0
[ 1595.766023]  ? do_raw_spin_lock+0x121/0x260
[ 1595.766545]  ? rwlock_bug.part.0+0x90/0x90
[ 1595.767059]  ? _raw_spin_unlock+0x1a/0x30
[ 1595.767558]  ? alloc_fd+0x2e7/0x670
[ 1595.768005]  do_sys_openat2+0x171/0x4d0
[ 1595.768486]  ? build_open_flags+0x6f0/0x6f0
[ 1595.769006]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1595.769636]  ? wait_for_completion_io+0x270/0x270
[ 1595.770223]  __x64_sys_openat+0x13f/0x1f0
[ 1595.770722]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1595.771230]  ? ksys_write+0x1a9/0x260
[ 1595.771695]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1595.772325]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1595.772947]  do_syscall_64+0x33/0x40
[ 1595.773425]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1595.774042] RIP: 0033:0x7f05ed26ab19
[ 1595.774491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1595.776705] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1595.777651] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1595.778508] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1595.779370] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1595.780227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1595.781085] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
20:06:09 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, 0x0, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:06:09 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x80000000000000)

20:06:09 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 51)

20:06:09 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:06:09 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 11)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:06:09 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 12)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1596.080851] FAULT_INJECTION: forcing a failure.
[ 1596.080851] name failslab, interval 1, probability 0, space 0, times 0
[ 1596.082445] CPU: 1 PID: 8763 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1596.083330] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1596.084410] Call Trace:
[ 1596.084766]  dump_stack+0x107/0x167
[ 1596.085248]  should_fail.cold+0x5/0xa
[ 1596.085797]  ? create_object.isra.0+0x3a/0xa20
[ 1596.086400]  should_failslab+0x5/0x20
[ 1596.086913]  kmem_cache_alloc+0x5b/0x310
[ 1596.087442]  create_object.isra.0+0x3a/0xa20
[ 1596.087995]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1596.088664]  kmem_cache_alloc+0x159/0x310
[ 1596.089221]  __kernfs_new_node+0xd4/0x860
[ 1596.089788]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1596.090420]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1596.091058]  ? wait_for_completion_io+0x270/0x270
[ 1596.091706]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1596.092407]  kernfs_new_node+0x18d/0x250
[ 1596.092943]  __kernfs_create_file+0x51/0x350
[ 1596.093539]  sysfs_add_file_mode_ns+0x221/0x560
[ 1596.093597] FAULT_INJECTION: forcing a failure.
[ 1596.093597] name failslab, interval 1, probability 0, space 0, times 0
[ 1596.094115]  internal_create_group+0x324/0xb30
[ 1596.094137]  ? sysfs_remove_group+0x170/0x170
[ 1596.096537]  ? kernfs_add_one+0x124/0x4d0
[ 1596.097047]  ? kernfs_create_link+0x1b7/0x230
[ 1596.097624]  internal_create_groups.part.0+0x90/0x140
[ 1596.098261]  sysfs_create_groups+0x25/0x50
[ 1596.098779]  device_add+0x7a9/0x1c50
[ 1596.099248]  ? lockdep_init_map_type+0x2c7/0x780
[ 1596.099826]  ? devlink_add_symlinks+0x970/0x970
[ 1596.100410]  netdev_register_kobject+0x17a/0x3b0
[ 1596.100994]  register_netdevice+0xd6e/0x1480
[ 1596.101561]  ? netdev_change_features+0xb0/0xb0
[ 1596.102137]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1596.102673]  __tun_chr_ioctl+0x2156/0x3f60
[ 1596.103201]  ? lock_downgrade+0x6d0/0x6d0
[ 1596.103707]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1596.104302]  ? tun_chr_poll+0x700/0x700
[ 1596.104791]  ? wait_for_completion_io+0x270/0x270
[ 1596.105413]  ? selinux_file_ioctl+0xb6/0x270
[ 1596.105956]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1596.106515]  __x64_sys_ioctl+0x19a/0x210
[ 1596.107012]  do_syscall_64+0x33/0x40
[ 1596.107473]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1596.108103] RIP: 0033:0x7f7955930b19
[ 1596.108557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1596.110808] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1596.111741] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1596.112614] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1596.113501] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1596.114371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1596.115241] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1596.116134] CPU: 0 PID: 8767 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1596.117021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1596.118040] Call Trace:
[ 1596.118359]  dump_stack+0x107/0x167
[ 1596.118799]  should_fail.cold+0x5/0xa
[ 1596.119260]  ? create_object.isra.0+0x3a/0xa20
[ 1596.119812]  should_failslab+0x5/0x20
[ 1596.120271]  kmem_cache_alloc+0x5b/0x310
[ 1596.120770]  create_object.isra.0+0x3a/0xa20
[ 1596.121337]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1596.121953]  kmem_cache_alloc_trace+0x151/0x320
[ 1596.122518]  ? pty_open+0x310/0x310
[ 1596.122956]  tty_ldisc_get.part.0+0x70/0x180
[ 1596.123487]  tty_ldisc_init+0x15/0x90
[ 1596.123945]  alloc_tty_struct+0x119/0x8e0
[ 1596.124443]  ? __do_SAK+0x30/0x30
[ 1596.124864]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1596.125512]  ? pty_open+0x310/0x310
[ 1596.125988]  tty_init_dev.part.0+0x20/0x610
[ 1596.126562]  ? pty_open+0x310/0x310
[ 1596.127040]  tty_init_dev+0x5b/0x80
[ 1596.127522]  ptmx_open+0x116/0x370
[ 1596.127995]  ? pty_open+0x310/0x310
[ 1596.128478]  chrdev_open+0x268/0x6e0
[ 1596.128971]  ? __unregister_chrdev+0x110/0x110
[ 1596.129618]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1596.130240]  do_dentry_open+0x4b7/0x1090
[ 1596.130777]  ? __unregister_chrdev+0x110/0x110
[ 1596.131378]  ? may_open+0x1e4/0x400
[ 1596.131860]  path_openat+0x19ba/0x2770
[ 1596.132383]  ? path_lookupat+0x860/0x860
[ 1596.132915]  ? lock_acquire+0x197/0x470
[ 1596.133463]  ? find_held_lock+0x2c/0x110
[ 1596.134008]  do_filp_open+0x190/0x3e0
[ 1596.134514]  ? may_open_dev+0xf0/0xf0
[ 1596.135026]  ? do_raw_spin_lock+0x121/0x260
[ 1596.135601]  ? rwlock_bug.part.0+0x90/0x90
[ 1596.136155]  ? _raw_spin_unlock+0x1a/0x30
[ 1596.136709]  ? alloc_fd+0x2e7/0x670
[ 1596.137202]  do_sys_openat2+0x171/0x4d0
[ 1596.137744]  ? build_open_flags+0x6f0/0x6f0
[ 1596.138293]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1596.138933]  ? wait_for_completion_io+0x270/0x270
[ 1596.139565]  __x64_sys_openat+0x13f/0x1f0
[ 1596.140118]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1596.140676]  ? ksys_write+0x1a9/0x260
[ 1596.141186]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1596.141909]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1596.142590]  do_syscall_64+0x33/0x40
[ 1596.143084]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1596.143755] RIP: 0033:0x7f05ed26ab19
[ 1596.144258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1596.146647] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1596.147637] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1596.148570] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1596.149509] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1596.150436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1596.151363] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1596.167632] FAULT_INJECTION: forcing a failure.
[ 1596.167632] name failslab, interval 1, probability 0, space 0, times 0
[ 1596.169680] CPU: 0 PID: 8764 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1596.170572] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1596.171647] Call Trace:
[ 1596.172004]  dump_stack+0x107/0x167
[ 1596.172480]  should_fail.cold+0x5/0xa
[ 1596.172992]  ? create_object.isra.0+0x3a/0xa20
[ 1596.173621]  should_failslab+0x5/0x20
[ 1596.174122]  kmem_cache_alloc+0x5b/0x310
[ 1596.174658]  create_object.isra.0+0x3a/0xa20
[ 1596.175226]  ? kasan_unpoison_shadow+0x33/0x50
[ 1596.175829]  kmalloc_large_node+0x124/0x1a0
[ 1596.176399]  __kmalloc_node+0x30d/0x420
[ 1596.176927]  ? lockdep_init_map_type+0x2c7/0x780
[ 1596.177563]  kvmalloc_node+0xc0/0x170
[ 1596.178067]  alloc_netdev_mqs+0x911/0xe80
[ 1596.178623]  __tun_chr_ioctl+0x1b80/0x3f60
[ 1596.179180]  ? lock_downgrade+0x6d0/0x6d0
[ 1596.179720]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1596.180351]  ? tun_chr_poll+0x700/0x700
[ 1596.180875]  ? wait_for_completion_io+0x270/0x270
[ 1596.181526]  ? selinux_file_ioctl+0xb6/0x270
[ 1596.182102]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1596.182695]  __x64_sys_ioctl+0x19a/0x210
[ 1596.183216]  do_syscall_64+0x33/0x40
[ 1596.183713]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1596.184357] RIP: 0033:0x7fc68ced6b19
[ 1596.184802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1596.187352] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
20:06:09 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1596.188337] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1596.189358] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1596.190309] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1596.191234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1596.192171] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:06:23 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:06:23 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:06:23 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x0, 0x2, 0x1, 0x0, 0x0)

20:06:23 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0xf0ffffff7f0000)

20:06:23 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 52)

20:06:23 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 13)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:06:23 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 12)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:06:23 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x0, 0x2, 0x1, 0x0, 0x0)

[ 1610.118517] FAULT_INJECTION: forcing a failure.
[ 1610.118517] name failslab, interval 1, probability 0, space 0, times 0
[ 1610.120197] CPU: 1 PID: 8787 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1610.121026] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1610.122052] Call Trace:
[ 1610.122382]  dump_stack+0x107/0x167
[ 1610.122828]  should_fail.cold+0x5/0xa
[ 1610.123302]  ? pty_unix98_install+0xd0/0x980
[ 1610.123840]  should_failslab+0x5/0x20
[ 1610.124304]  kmem_cache_alloc_trace+0x55/0x320
[ 1610.124863]  pty_unix98_install+0xd0/0x980
[ 1610.125379]  ? pty_unthrottle+0x60/0x60
[ 1610.125896]  ? pty_open+0x310/0x310
[ 1610.126389]  tty_init_dev.part.0+0xa0/0x610
[ 1610.126955]  ? pty_open+0x310/0x310
[ 1610.127428]  tty_init_dev+0x5b/0x80
[ 1610.127905]  ptmx_open+0x116/0x370
[ 1610.128372]  ? pty_open+0x310/0x310
[ 1610.128846]  chrdev_open+0x268/0x6e0
[ 1610.129341]  ? __unregister_chrdev+0x110/0x110
[ 1610.129962]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1610.130588]  do_dentry_open+0x4b7/0x1090
[ 1610.131119]  ? __unregister_chrdev+0x110/0x110
[ 1610.131719]  ? may_open+0x1e4/0x400
[ 1610.132202]  path_openat+0x19ba/0x2770
[ 1610.132729]  ? path_lookupat+0x860/0x860
[ 1610.133268]  ? lock_acquire+0x197/0x470
[ 1610.133806]  ? find_held_lock+0x2c/0x110
[ 1610.134352]  do_filp_open+0x190/0x3e0
[ 1610.134853]  ? may_open_dev+0xf0/0xf0
[ 1610.135368]  ? do_raw_spin_lock+0x121/0x260
[ 1610.135938]  ? rwlock_bug.part.0+0x90/0x90
[ 1610.136506]  ? _raw_spin_unlock+0x1a/0x30
[ 1610.137033]  ? alloc_fd+0x2e7/0x670
[ 1610.137512]  do_sys_openat2+0x171/0x4d0
[ 1610.138062]  ? build_open_flags+0x6f0/0x6f0
[ 1610.138634]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1610.139272]  ? wait_for_completion_io+0x270/0x270
[ 1610.139908]  __x64_sys_openat+0x13f/0x1f0
[ 1610.140451]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1610.141006]  ? ksys_write+0x1a9/0x260
[ 1610.141514]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1610.142220]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1610.142892]  do_syscall_64+0x33/0x40
[ 1610.143387]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1610.144053] RIP: 0033:0x7f05ed26ab19
[ 1610.144231] FAULT_INJECTION: forcing a failure.
[ 1610.144231] name failslab, interval 1, probability 0, space 0, times 0
[ 1610.144524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1610.148099] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1610.149029] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1610.149917] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1610.150790] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1610.151663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1610.152541] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1610.153436] CPU: 0 PID: 8791 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1610.154347] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1610.155429] Call Trace:
[ 1610.155776]  dump_stack+0x107/0x167
[ 1610.156253]  should_fail.cold+0x5/0xa
[ 1610.156755]  ? __kernfs_new_node+0xd4/0x860
[ 1610.157316]  should_failslab+0x5/0x20
[ 1610.157833]  kmem_cache_alloc+0x5b/0x310
[ 1610.158377]  __kernfs_new_node+0xd4/0x860
[ 1610.158925]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1610.159546]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1610.160171]  ? wait_for_completion_io+0x270/0x270
[ 1610.160797]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1610.161481]  kernfs_new_node+0x18d/0x250
[ 1610.162036]  __kernfs_create_file+0x51/0x350
[ 1610.162618]  sysfs_add_file_mode_ns+0x221/0x560
[ 1610.163239]  internal_create_group+0x324/0xb30
[ 1610.163815]  ? sysfs_remove_group+0x170/0x170
[ 1610.164386]  ? kernfs_add_one+0x124/0x4d0
[ 1610.164921]  ? kernfs_create_link+0x1b7/0x230
[ 1610.165503]  internal_create_groups.part.0+0x90/0x140
[ 1610.166185]  sysfs_create_groups+0x25/0x50
[ 1610.166722]  device_add+0x7a9/0x1c50
[ 1610.167204]  ? lockdep_init_map_type+0x2c7/0x780
[ 1610.167828]  ? devlink_add_symlinks+0x970/0x970
[ 1610.168451]  netdev_register_kobject+0x17a/0x3b0
[ 1610.169076]  register_netdevice+0xd6e/0x1480
[ 1610.169631]  ? netdev_change_features+0xb0/0xb0
[ 1610.170274]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1610.170857]  __tun_chr_ioctl+0x2156/0x3f60
[ 1610.171422]  ? lock_downgrade+0x6d0/0x6d0
[ 1610.171976]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1610.172613]  ? tun_chr_poll+0x700/0x700
[ 1610.173145]  ? wait_for_completion_io+0x270/0x270
[ 1610.173807]  ? selinux_file_ioctl+0xb6/0x270
[ 1610.174401]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1610.175021]  __x64_sys_ioctl+0x19a/0x210
[ 1610.175559]  do_syscall_64+0x33/0x40
[ 1610.176050]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1610.176704] RIP: 0033:0x7f7955930b19
[ 1610.177194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1610.179587] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1610.180529] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1610.181455] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1610.182407] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1610.183346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1610.184285] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1610.219169] FAULT_INJECTION: forcing a failure.
[ 1610.219169] name failslab, interval 1, probability 0, space 0, times 0
[ 1610.220645] CPU: 1 PID: 8793 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1610.221477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1610.222517] Call Trace:
[ 1610.222839]  dump_stack+0x107/0x167
[ 1610.223305]  should_fail.cold+0x5/0xa
[ 1610.223767]  ? register_netdevice+0x3ef/0x1480
[ 1610.224322]  should_failslab+0x5/0x20
[ 1610.224788]  kmem_cache_alloc_trace+0x55/0x320
[ 1610.225343]  register_netdevice+0x3ef/0x1480
[ 1610.225888]  ? memset+0x20/0x50
[ 1610.226290]  ? netdev_change_features+0xb0/0xb0
[ 1610.226854]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1610.227383]  __tun_chr_ioctl+0x2156/0x3f60
[ 1610.227897]  ? lock_downgrade+0x6d0/0x6d0
[ 1610.228399]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1610.229028]  ? tun_chr_poll+0x700/0x700
[ 1610.229570]  ? wait_for_completion_io+0x270/0x270
[ 1610.230188]  ? selinux_file_ioctl+0xb6/0x270
[ 1610.230749]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1610.231318]  __x64_sys_ioctl+0x19a/0x210
[ 1610.231837]  do_syscall_64+0x33/0x40
[ 1610.232288]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1610.232923] RIP: 0033:0x7fc68ced6b19
[ 1610.233378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1610.235618] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1610.236537] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1610.237402] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1610.238389] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1610.239445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1610.240501] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:06:23 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x100000000000000)

20:06:23 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 14)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:06:23 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:06:23 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 53)

[ 1610.331201] FAULT_INJECTION: forcing a failure.
[ 1610.331201] name failslab, interval 1, probability 0, space 0, times 0
[ 1610.332735] CPU: 1 PID: 8808 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1610.333565] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1610.334588] Call Trace:
[ 1610.334917]  dump_stack+0x107/0x167
[ 1610.335362]  should_fail.cold+0x5/0xa
[ 1610.335827]  ? create_object.isra.0+0x3a/0xa20
[ 1610.336384]  should_failslab+0x5/0x20
[ 1610.336848]  kmem_cache_alloc+0x5b/0x310
[ 1610.337345]  create_object.isra.0+0x3a/0xa20
[ 1610.337933]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1610.338555]  kmem_cache_alloc_trace+0x151/0x320
[ 1610.339149]  pty_unix98_install+0xd0/0x980
[ 1610.339664]  ? pty_unthrottle+0x60/0x60
[ 1610.340145]  ? pty_open+0x310/0x310
[ 1610.340583]  tty_init_dev.part.0+0xa0/0x610
[ 1610.341105]  ? pty_open+0x310/0x310
[ 1610.341543]  tty_init_dev+0x5b/0x80
[ 1610.341998]  ptmx_open+0x116/0x370
[ 1610.342429]  ? pty_open+0x310/0x310
[ 1610.342869]  chrdev_open+0x268/0x6e0
[ 1610.343320]  ? __unregister_chrdev+0x110/0x110
[ 1610.343874]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1610.344444]  do_dentry_open+0x4b7/0x1090
[ 1610.344936]  ? __unregister_chrdev+0x110/0x110
[ 1610.345487]  ? may_open+0x1e4/0x400
[ 1610.345947]  path_openat+0x19ba/0x2770
[ 1610.346426]  ? path_lookupat+0x860/0x860
[ 1610.346921]  ? lock_acquire+0x197/0x470
[ 1610.347402]  ? find_held_lock+0x2c/0x110
[ 1610.347900]  do_filp_open+0x190/0x3e0
[ 1610.348361]  ? may_open_dev+0xf0/0xf0
[ 1610.348831]  ? do_raw_spin_lock+0x121/0x260
[ 1610.349353]  ? rwlock_bug.part.0+0x90/0x90
[ 1610.349946]  ? _raw_spin_unlock+0x1a/0x30
[ 1610.350451]  ? alloc_fd+0x2e7/0x670
[ 1610.350907]  do_sys_openat2+0x171/0x4d0
[ 1610.351391]  ? build_open_flags+0x6f0/0x6f0
[ 1610.351915]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1610.352503]  ? wait_for_completion_io+0x270/0x270
[ 1610.353093]  __x64_sys_openat+0x13f/0x1f0
[ 1610.354494]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1610.355657]  ? ksys_write+0x1a9/0x260
[ 1610.356770]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1610.358487]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1610.359979]  do_syscall_64+0x33/0x40
[ 1610.361100]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1610.362707] RIP: 0033:0x7f05ed26ab19
[ 1610.363729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1610.369015] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1610.371168] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1610.373137] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1610.375410] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1610.377361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1610.379365] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
20:06:23 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:06:23 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x2000000000000000)

[ 1610.392853] FAULT_INJECTION: forcing a failure.
[ 1610.392853] name failslab, interval 1, probability 0, space 0, times 0
[ 1610.395987] CPU: 1 PID: 8807 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1610.397685] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1610.400072] Call Trace:
[ 1610.400733]  dump_stack+0x107/0x167
[ 1610.401622]  should_fail.cold+0x5/0xa
[ 1610.402621]  ? create_object.isra.0+0x3a/0xa20
[ 1610.403772]  should_failslab+0x5/0x20
[ 1610.404730]  kmem_cache_alloc+0x5b/0x310
[ 1610.405729]  create_object.isra.0+0x3a/0xa20
[ 1610.406873]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1610.408154]  kmem_cache_alloc+0x159/0x310
[ 1610.409188]  __kernfs_new_node+0xd4/0x860
[ 1610.410000]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1610.410582]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1610.411176]  ? wait_for_completion_io+0x270/0x270
[ 1610.411765]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1610.412407]  kernfs_new_node+0x18d/0x250
[ 1610.412905]  __kernfs_create_file+0x51/0x350
[ 1610.413442]  sysfs_add_file_mode_ns+0x221/0x560
[ 1610.414072]  internal_create_group+0x324/0xb30
[ 1610.414634]  ? sysfs_remove_group+0x170/0x170
[ 1610.415185]  ? kernfs_add_one+0x124/0x4d0
[ 1610.415693]  ? kernfs_create_link+0x1b7/0x230
[ 1610.416242]  internal_create_groups.part.0+0x90/0x140
[ 1610.416873]  sysfs_create_groups+0x25/0x50
[ 1610.417389]  device_add+0x7a9/0x1c50
[ 1610.417927]  ? lockdep_init_map_type+0x2c7/0x780
[ 1610.418504]  ? devlink_add_symlinks+0x970/0x970
[ 1610.419079]  netdev_register_kobject+0x17a/0x3b0
[ 1610.419661]  register_netdevice+0xd6e/0x1480
[ 1610.420200]  ? netdev_change_features+0xb0/0xb0
[ 1610.420769]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1610.421303]  __tun_chr_ioctl+0x2156/0x3f60
[ 1610.421912]  ? lock_downgrade+0x6d0/0x6d0
[ 1610.422903]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1610.424386]  ? tun_chr_poll+0x700/0x700
[ 1610.425629]  ? wait_for_completion_io+0x270/0x270
[ 1610.426911]  ? selinux_file_ioctl+0xb6/0x270
[ 1610.428039]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1610.429171]  __x64_sys_ioctl+0x19a/0x210
[ 1610.430344]  do_syscall_64+0x33/0x40
[ 1610.431474]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1610.433075] RIP: 0033:0x7f7955930b19
[ 1610.433701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1610.436039] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1610.436970] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1610.437844] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1610.438774] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1610.439724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1610.440675] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:06:23 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 13)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1610.495563] FAULT_INJECTION: forcing a failure.
[ 1610.495563] name failslab, interval 1, probability 0, space 0, times 0
[ 1610.498725] CPU: 1 PID: 8816 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1610.500706] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1610.502967] Call Trace:
[ 1610.503624]  dump_stack+0x107/0x167
[ 1610.504537]  should_fail.cold+0x5/0xa
[ 1610.505472]  ? create_object.isra.0+0x3a/0xa20
[ 1610.506808]  should_failslab+0x5/0x20
[ 1610.507907]  kmem_cache_alloc+0x5b/0x310
[ 1610.508926]  create_object.isra.0+0x3a/0xa20
[ 1610.510086]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1610.511362]  kmem_cache_alloc_trace+0x151/0x320
[ 1610.512541]  register_netdevice+0x3ef/0x1480
[ 1610.513620]  ? memset+0x20/0x50
[ 1610.514487]  ? netdev_change_features+0xb0/0xb0
[ 1610.515654]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1610.516741]  __tun_chr_ioctl+0x2156/0x3f60
[ 1610.517792]  ? lock_downgrade+0x6d0/0x6d0
[ 1610.518842]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1610.520054]  ? tun_chr_poll+0x700/0x700
[ 1610.521045]  ? wait_for_completion_io+0x270/0x270
[ 1610.522030]  ? selinux_file_ioctl+0xb6/0x270
[ 1610.522570]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1610.523117]  __x64_sys_ioctl+0x19a/0x210
[ 1610.523613]  do_syscall_64+0x33/0x40
[ 1610.524066]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1610.524688] RIP: 0033:0x7fc68ced6b19
[ 1610.525145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1610.527430] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1610.528354] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1610.529219] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1610.530597] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1610.532404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1610.534268] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:06:23 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:06:23 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 15)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1610.596398] FAULT_INJECTION: forcing a failure.
[ 1610.596398] name failslab, interval 1, probability 0, space 0, times 0
[ 1610.597898] CPU: 0 PID: 8822 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1610.598738] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1610.599748] Call Trace:
[ 1610.600078]  dump_stack+0x107/0x167
[ 1610.600526]  should_fail.cold+0x5/0xa
[ 1610.600994]  ? pty_unix98_install+0xfe/0x980
[ 1610.601556]  should_failslab+0x5/0x20
[ 1610.602037]  kmem_cache_alloc_trace+0x55/0x320
[ 1610.602601]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1610.603223]  pty_unix98_install+0xfe/0x980
[ 1610.603741]  ? pty_unthrottle+0x60/0x60
[ 1610.604230]  ? pty_open+0x310/0x310
[ 1610.604674]  tty_init_dev.part.0+0xa0/0x610
[ 1610.605200]  ? pty_open+0x310/0x310
[ 1610.605642]  tty_init_dev+0x5b/0x80
[ 1610.606109]  ptmx_open+0x116/0x370
[ 1610.606563]  ? pty_open+0x310/0x310
[ 1610.607026]  chrdev_open+0x268/0x6e0
[ 1610.607505]  ? __unregister_chrdev+0x110/0x110
[ 1610.608088]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1610.608662]  do_dentry_open+0x4b7/0x1090
[ 1610.609157]  ? __unregister_chrdev+0x110/0x110
[ 1610.609712]  ? may_open+0x1e4/0x400
[ 1610.610174]  path_openat+0x19ba/0x2770
[ 1610.610657]  ? path_lookupat+0x860/0x860
[ 1610.611155]  ? lock_acquire+0x197/0x470
[ 1610.611639]  ? find_held_lock+0x2c/0x110
[ 1610.612143]  do_filp_open+0x190/0x3e0
[ 1610.612606]  ? may_open_dev+0xf0/0xf0
[ 1610.613081]  ? do_raw_spin_lock+0x121/0x260
[ 1610.613610]  ? rwlock_bug.part.0+0x90/0x90
[ 1610.614150]  ? _raw_spin_unlock+0x1a/0x30
[ 1610.614656]  ? alloc_fd+0x2e7/0x670
[ 1610.615109]  do_sys_openat2+0x171/0x4d0
[ 1610.615596]  ? build_open_flags+0x6f0/0x6f0
[ 1610.616128]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1610.616719]  ? wait_for_completion_io+0x270/0x270
[ 1610.617311]  __x64_sys_openat+0x13f/0x1f0
[ 1610.617828]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1610.618343]  ? ksys_write+0x1a9/0x260
[ 1610.618812]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1610.619475]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1610.620132]  do_syscall_64+0x33/0x40
[ 1610.620607]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1610.621259] RIP: 0033:0x7f05ed26ab19
[ 1610.621734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1610.623981] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1610.624908] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1610.625791] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1610.626663] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1610.627530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1610.628398] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
20:06:38 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x2000000000000000)

20:06:38 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x0, 0x2, 0x1, 0x0, 0x0)

20:06:38 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0xffffffff00000000)

20:06:38 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 54)

20:06:38 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 14)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:06:38 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 16)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1625.270826] FAULT_INJECTION: forcing a failure.
[ 1625.270826] name failslab, interval 1, probability 0, space 0, times 0
[ 1625.272360] CPU: 1 PID: 8835 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1625.273232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1625.274282] Call Trace:
[ 1625.274650]  dump_stack+0x107/0x167
[ 1625.275110]  should_fail.cold+0x5/0xa
[ 1625.275597]  ? create_object.isra.0+0x3a/0xa20
[ 1625.276174]  should_failslab+0x5/0x20
[ 1625.276657]  kmem_cache_alloc+0x5b/0x310
[ 1625.277173]  create_object.isra.0+0x3a/0xa20
[ 1625.277725]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1625.278393]  kmem_cache_alloc_trace+0x151/0x320
[ 1625.278989]  pty_unix98_install+0xfe/0x980
[ 1625.279524]  ? pty_unthrottle+0x60/0x60
[ 1625.280024]  ? pty_open+0x310/0x310
[ 1625.280488]  tty_init_dev.part.0+0xa0/0x610
[ 1625.281034]  ? pty_open+0x310/0x310
[ 1625.281498]  tty_init_dev+0x5b/0x80
[ 1625.281960]  ptmx_open+0x116/0x370
[ 1625.282431]  ? pty_open+0x310/0x310
[ 1625.282453] FAULT_INJECTION: forcing a failure.
[ 1625.282453] name failslab, interval 1, probability 0, space 0, times 0
[ 1625.282887]  chrdev_open+0x268/0x6e0
[ 1625.282904]  ? __unregister_chrdev+0x110/0x110
[ 1625.285258]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1625.285853]  do_dentry_open+0x4b7/0x1090
[ 1625.286387]  ? __unregister_chrdev+0x110/0x110
[ 1625.286962]  ? may_open+0x1e4/0x400
[ 1625.287424]  path_openat+0x19ba/0x2770
[ 1625.287925]  ? path_lookupat+0x860/0x860
[ 1625.288440]  ? lock_acquire+0x197/0x470
[ 1625.288941]  ? find_held_lock+0x2c/0x110
[ 1625.289464]  do_filp_open+0x190/0x3e0
[ 1625.289944]  ? may_open_dev+0xf0/0xf0
[ 1625.290469]  ? do_raw_spin_lock+0x121/0x260
[ 1625.291020]  ? rwlock_bug.part.0+0x90/0x90
[ 1625.291564]  ? _raw_spin_unlock+0x1a/0x30
[ 1625.292086]  ? alloc_fd+0x2e7/0x670
[ 1625.292556]  do_sys_openat2+0x171/0x4d0
[ 1625.293060]  ? build_open_flags+0x6f0/0x6f0
[ 1625.293605]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1625.294214]  ? wait_for_completion_io+0x270/0x270
[ 1625.294847]  __x64_sys_openat+0x13f/0x1f0
[ 1625.295372]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1625.295902]  ? ksys_write+0x1a9/0x260
[ 1625.296391]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1625.297051]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1625.297700]  do_syscall_64+0x33/0x40
[ 1625.298170]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1625.298837] RIP: 0033:0x7f05ed26ab19
[ 1625.299307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1625.301596] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1625.302580] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1625.303473] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1625.304367] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1625.305258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1625.306151] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1625.307101] CPU: 0 PID: 8836 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1625.307941] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1625.308943] Call Trace:
[ 1625.309264]  dump_stack+0x107/0x167
[ 1625.309706]  should_fail.cold+0x5/0xa
[ 1625.310171]  ? __kernfs_new_node+0xd4/0x860
[ 1625.310726]  should_failslab+0x5/0x20
[ 1625.311188]  kmem_cache_alloc+0x5b/0x310
[ 1625.311683]  __kernfs_new_node+0xd4/0x860
[ 1625.312193]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1625.312770]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1625.313355]  ? wait_for_completion_io+0x270/0x270
[ 1625.313939]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1625.314647]  kernfs_new_node+0x18d/0x250
[ 1625.315164]  __kernfs_create_file+0x51/0x350
[ 1625.315718]  sysfs_add_file_mode_ns+0x221/0x560
[ 1625.316306]  internal_create_group+0x324/0xb30
[ 1625.316884]  ? sysfs_remove_group+0x170/0x170
[ 1625.317643]  ? kernfs_add_one+0x124/0x4d0
[ 1625.318164]  ? kernfs_create_link+0x1b7/0x230
[ 1625.318752]  internal_create_groups.part.0+0x90/0x140
[ 1625.319399]  sysfs_create_groups+0x25/0x50
[ 1625.319934]  device_add+0x7a9/0x1c50
[ 1625.320414]  ? lockdep_init_map_type+0x2c7/0x780
[ 1625.321006]  ? devlink_add_symlinks+0x970/0x970
[ 1625.321595]  netdev_register_kobject+0x17a/0x3b0
[ 1625.322193]  register_netdevice+0xd6e/0x1480
[ 1625.322765]  ? netdev_change_features+0xb0/0xb0
[ 1625.323335]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1625.323863]  __tun_chr_ioctl+0x2156/0x3f60
[ 1625.324374]  ? lock_downgrade+0x6d0/0x6d0
[ 1625.324874]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1625.325460]  ? tun_chr_poll+0x700/0x700
[ 1625.325941]  ? wait_for_completion_io+0x270/0x270
[ 1625.326571]  ? selinux_file_ioctl+0xb6/0x270
[ 1625.327129]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1625.327693]  __x64_sys_ioctl+0x19a/0x210
[ 1625.328200]  do_syscall_64+0x33/0x40
[ 1625.328667]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1625.329303] RIP: 0033:0x7f7955930b19
[ 1625.329768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1625.332063] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1625.333019] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1625.333905] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1625.334827] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1625.335711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1625.336601] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:06:38 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:06:38 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x0, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:06:38 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x0, 0x2, 0x1, 0x0, 0x0)

[ 1625.421999] FAULT_INJECTION: forcing a failure.
[ 1625.421999] name failslab, interval 1, probability 0, space 0, times 0
[ 1625.423616] CPU: 0 PID: 8838 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1625.424469] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1625.425498] Call Trace:
[ 1625.425838]  dump_stack+0x107/0x167
[ 1625.426305]  should_fail.cold+0x5/0xa
[ 1625.427422]  ? create_object.isra.0+0x3a/0xa20
[ 1625.428609]  should_failslab+0x5/0x20
[ 1625.429585]  kmem_cache_alloc+0x5b/0x310
[ 1625.430738]  create_object.isra.0+0x3a/0xa20
[ 1625.431829]  kmemleak_alloc_percpu+0xa0/0x100
[ 1625.432943]  pcpu_alloc+0x4e2/0x1240
[ 1625.433874]  ? tun_attach.isra.0+0x1760/0x1760
[ 1625.434709]  tun_net_init+0x55/0x650
[ 1625.435181]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1625.435816]  ? tun_attach.isra.0+0x1760/0x1760
[ 1625.436394]  register_netdevice+0x55b/0x1480
[ 1625.436954]  ? netdev_change_features+0xb0/0xb0
[ 1625.437545]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1625.438097]  __tun_chr_ioctl+0x2156/0x3f60
[ 1625.439132]  ? lock_downgrade+0x6d0/0x6d0
[ 1625.440228]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1625.441476]  ? tun_chr_poll+0x700/0x700
[ 1625.442426]  ? wait_for_completion_io+0x270/0x270
[ 1625.443702]  ? selinux_file_ioctl+0xb6/0x270
[ 1625.444875]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1625.446037]  __x64_sys_ioctl+0x19a/0x210
[ 1625.447128]  do_syscall_64+0x33/0x40
[ 1625.448090]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1625.449424] RIP: 0033:0x7fc68ced6b19
[ 1625.450425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1625.455133] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1625.457137] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1625.459089] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1625.460974] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1625.462560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1625.463453] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:06:38 executing program 1:
perf_event_open(&(0x7f0000000400)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000340), 0x6}, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
pwrite64(r1, &(0x7f00000007c0)="2852310f303bd033cf4e5163ff3f51e93b94d25470fb48f44771d70d551113e59d9989526071d1d33bce367163fcb0e88e7df499283527d7b94bb7cd85361ec9b9030a0ff70bee55388617dc16bd304f3a9f72a9de622979356e191642be411d21f82a356baa0d060156d6d7055f22ad81ebf2e762e6c97099f3a1dedf05d5fa669ca6fbb5c7bd3c9471a66f1a9e0d44bf3fe9c585b584dfc3ad5ef5138633a13036953fcfededcc27b6e3745ec4758f352ad3f4f588c9ef9c51171050c281c67361769de360fd84824236efad4482250e60fccd1a4dbe5abb5554c6776747ab", 0xe0, 0x10000)
r2 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000300)={&(0x7f00000008c0)=""/234, 0xea, 0x8001, 0x3ff})
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r2, 0x8000000)
syz_io_uring_submit(r7, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r5, 0x0, 0x0}, 0x80000001)
pipe(&(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = syz_io_uring_complete(r6)
sendmsg$DCCPDIAG_GETSOCK(r10, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000500)={0x290, 0x13, 0x100, 0x70bd28, 0x25dfdbfc, {0x28, 0x5, 0xff, 0x9, {0x4e21, 0x4e21, [0x8, 0x9, 0x6, 0xdea], [0x18, 0x9, 0x80000001, 0x20], 0x0, [0x7ff, 0x180000]}, 0x7ff, 0x1}, [@INET_DIAG_REQ_BYTECODE={0x42, 0x1, "893258724c950707068d5f9eb2eec3172030274bf27b61befe4c144017c0603a59b75d22a82f064c1e6f8bfc4ebda8fd238063c5fbe23efce924568a0d6b"}, @INET_DIAG_REQ_BYTECODE={0xad, 0x1, "1f75a9fdd38d5e6231cd2174bb730800c79fd53126063a2696c21e4da23453e3eff4dd2bff6dd757f0fba3abd5f8b75f83a9149332295e874fbfbfc21cb608a033e5aec2aa191526a1358bb469bd085e6e2c2b1addf910c85b36686f234a4e13cda0f26044273cab58d6ae964e50bd2862bd0ce710eef8f41476dc4df97697e4a2596963ea450c48dd91b38e7273904ff5aec70467de3b51e80f630f3272235f717b6614eca93ab3a4"}, @INET_DIAG_REQ_BYTECODE={0x2c, 0x1, "588593f8648cb55bea6405f2cb555e802c3849d3070a5fb0e3c89472f921ed059f237780006417de"}, @INET_DIAG_REQ_BYTECODE={0xcd, 0x1, "f7ddfdec1c83e0396a5be16f05699526d14855a176547a25fce302a5698642146180b79e6c3919878af9997aa30fd8a677bc0f44859839565831233171640e745a33077c7365700c6cd0990380dd5399acff50105a2b59105323131659b3d6373ad9b695ac61eb24df7f90944dba28e04931173b3ae8efbe1935291c26e348496d8604eb38c766d0563500f2a55b22e928bd917e7b59cd826690ae199de2802cc91b10b9e767e2fe6b141aea7a15c60bc839d8ec760cf866cb15331868ee9bb3edc0b930dca7deeeb7"}, @INET_DIAG_REQ_BYTECODE={0x51, 0x1, "f79b2638d273f98fedffd63fe8723b5ff36dee12eeb38ed7d0df088e9b33844adafc0608e93474cb6596a31c486b8edf7b5619a55f49f4c28a2ce8d6c93c55849945e30fe7b12af461690b0904"}]}, 0x290}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
io_uring_enter(r9, 0x219d, 0x8db5, 0x9df984baf691369a, &(0x7f0000000100)={[0x2]}, 0x8)
io_uring_enter(r2, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:06:38 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 17)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:06:38 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x0, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:06:38 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 55)

20:06:38 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 15)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1625.581555] FAULT_INJECTION: forcing a failure.
[ 1625.581555] name failslab, interval 1, probability 0, space 0, times 0
[ 1625.582456] FAULT_INJECTION: forcing a failure.
[ 1625.582456] name failslab, interval 1, probability 0, space 0, times 0
[ 1625.583642] CPU: 0 PID: 8857 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1625.586023] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1625.591997] Call Trace:
[ 1625.592648]  dump_stack+0x107/0x167
[ 1625.593544]  should_fail.cold+0x5/0xa
[ 1625.594621]  ? create_object.isra.0+0x3a/0xa20
[ 1625.595998]  should_failslab+0x5/0x20
[ 1625.597159]  kmem_cache_alloc+0x5b/0x310
[ 1625.598398]  create_object.isra.0+0x3a/0xa20
[ 1625.599776]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1625.601120]  kmem_cache_alloc+0x159/0x310
[ 1625.602167]  __kernfs_new_node+0xd4/0x860
[ 1625.603296]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1625.604517]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1625.605750]  ? wait_for_completion_io+0x270/0x270
[ 1625.607048]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1625.608472]  kernfs_new_node+0x18d/0x250
[ 1625.609547]  __kernfs_create_file+0x51/0x350
[ 1625.610710]  sysfs_add_file_mode_ns+0x221/0x560
[ 1625.611914]  internal_create_group+0x324/0xb30
[ 1625.613089]  ? sysfs_remove_group+0x170/0x170
[ 1625.614215]  ? kernfs_add_one+0x124/0x4d0
[ 1625.615331]  ? kernfs_create_link+0x1b7/0x230
[ 1625.616485]  internal_create_groups.part.0+0x90/0x140
[ 1625.617835]  sysfs_create_groups+0x25/0x50
[ 1625.618969]  device_add+0x7a9/0x1c50
[ 1625.619942]  ? lockdep_init_map_type+0x2c7/0x780
[ 1625.621153]  ? devlink_add_symlinks+0x970/0x970
[ 1625.622356]  netdev_register_kobject+0x17a/0x3b0
[ 1625.622959]  register_netdevice+0xd6e/0x1480
[ 1625.623519]  ? netdev_change_features+0xb0/0xb0
[ 1625.624116]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1625.624674]  __tun_chr_ioctl+0x2156/0x3f60
[ 1625.625217]  ? lock_downgrade+0x6d0/0x6d0
[ 1625.625741]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1625.626503]  ? tun_chr_poll+0x700/0x700
[ 1625.627716]  ? wait_for_completion_io+0x270/0x270
[ 1625.629204]  ? selinux_file_ioctl+0xb6/0x270
[ 1625.630557]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1625.631714]  __x64_sys_ioctl+0x19a/0x210
[ 1625.632760]  do_syscall_64+0x33/0x40
[ 1625.633708]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1625.635070] RIP: 0033:0x7f7955930b19
[ 1625.636029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1625.640841] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1625.642914] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1625.644792] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1625.646665] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1625.648578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1625.650404] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1625.652208] CPU: 1 PID: 8861 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1625.653250] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1625.654486] Call Trace:
[ 1625.654891]  dump_stack+0x107/0x167
[ 1625.655436]  should_fail.cold+0x5/0xa
[ 1625.656008]  ? alloc_tty_struct+0x95/0x8e0
[ 1625.656643]  should_failslab+0x5/0x20
[ 1625.657213]  kmem_cache_alloc_trace+0x55/0x320
[ 1625.657902]  alloc_tty_struct+0x95/0x8e0
[ 1625.658503]  ? __do_SAK+0x30/0x30
[ 1625.659029]  ? kasan_unpoison_shadow+0x33/0x50
[ 1625.659714]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1625.660474]  pty_unix98_install+0x1ab/0x980
[ 1625.661127]  ? pty_unthrottle+0x60/0x60
[ 1625.661718]  ? pty_open+0x310/0x310
[ 1625.662259]  tty_init_dev.part.0+0xa0/0x610
[ 1625.662824]  ? pty_open+0x310/0x310
[ 1625.663276]  tty_init_dev+0x5b/0x80
[ 1625.663734]  ptmx_open+0x116/0x370
[ 1625.664186]  ? pty_open+0x310/0x310
[ 1625.664645]  chrdev_open+0x268/0x6e0
[ 1625.665116]  ? __unregister_chrdev+0x110/0x110
[ 1625.665694]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1625.666296]  do_dentry_open+0x4b7/0x1090
[ 1625.666814]  ? __unregister_chrdev+0x110/0x110
[ 1625.667384]  ? may_open+0x1e4/0x400
[ 1625.667845]  path_openat+0x19ba/0x2770
[ 1625.668344]  ? path_lookupat+0x860/0x860
[ 1625.668857]  ? lock_acquire+0x197/0x470
[ 1625.669352]  ? find_held_lock+0x2c/0x110
[ 1625.669875]  do_filp_open+0x190/0x3e0
[ 1625.670366]  ? may_open_dev+0xf0/0xf0
[ 1625.670858]  ? do_raw_spin_lock+0x121/0x260
[ 1625.671400]  ? rwlock_bug.part.0+0x90/0x90
[ 1625.671939]  ? _raw_spin_unlock+0x1a/0x30
[ 1625.672458]  ? alloc_fd+0x2e7/0x670
[ 1625.672927]  do_sys_openat2+0x171/0x4d0
[ 1625.673431]  ? build_open_flags+0x6f0/0x6f0
[ 1625.673974]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1625.674992]  ? wait_for_completion_io+0x270/0x270
[ 1625.676332]  __x64_sys_openat+0x13f/0x1f0
[ 1625.677475]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1625.678699]  ? ksys_write+0x1a9/0x260
[ 1625.679701]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1625.681117]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1625.682443]  do_syscall_64+0x33/0x40
[ 1625.682907]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1625.683541] RIP: 0033:0x7f05ed26ab19
[ 1625.684008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1625.686257] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1625.688588] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1625.690641] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1625.692688] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1625.694746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1625.696772] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1625.722910] FAULT_INJECTION: forcing a failure.
[ 1625.722910] name failslab, interval 1, probability 0, space 0, times 0
[ 1625.724501] CPU: 0 PID: 8860 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1625.725331] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1625.726370] Call Trace:
[ 1625.726711]  dump_stack+0x107/0x167
[ 1625.727179]  should_fail.cold+0x5/0xa
[ 1625.727665]  ? create_object.isra.0+0x3a/0xa20
[ 1625.728249]  should_failslab+0x5/0x20
[ 1625.728736]  kmem_cache_alloc+0x5b/0x310
[ 1625.729247]  ? mark_held_locks+0x9e/0xe0
[ 1625.729742]  create_object.isra.0+0x3a/0xa20
[ 1625.730290]  kmemleak_alloc_percpu+0xa0/0x100
[ 1625.730911]  pcpu_alloc+0x4e2/0x1240
[ 1625.731374]  ? tun_attach.isra.0+0x1760/0x1760
[ 1625.731930]  tun_net_init+0x55/0x650
[ 1625.732382]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1625.732996]  ? tun_attach.isra.0+0x1760/0x1760
[ 1625.733554]  register_netdevice+0x55b/0x1480
[ 1625.734096]  ? netdev_change_features+0xb0/0xb0
[ 1625.734782]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1625.735428]  __tun_chr_ioctl+0x2156/0x3f60
[ 1625.736046]  ? lock_downgrade+0x6d0/0x6d0
[ 1625.736644]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1625.737350]  ? tun_chr_poll+0x700/0x700
[ 1625.737928]  ? wait_for_completion_io+0x270/0x270
[ 1625.738677]  ? selinux_file_ioctl+0xb6/0x270
[ 1625.739349]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1625.740040]  __x64_sys_ioctl+0x19a/0x210
[ 1625.740661]  do_syscall_64+0x33/0x40
[ 1625.741198]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1625.741943] RIP: 0033:0x7fc68ced6b19
[ 1625.742484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1625.745174] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1625.746291] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1625.747232] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1625.748132] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1625.749028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1625.749932] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:06:39 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x0, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:06:39 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/bus/machinecheck', 0x745401, 0x60)
r5 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r8}}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x1, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x0, {0x0, r8}}, 0xe12)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000140), 0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r9, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:06:39 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 16)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1625.910893] FAULT_INJECTION: forcing a failure.
[ 1625.910893] name failslab, interval 1, probability 0, space 0, times 0
[ 1625.914554] CPU: 0 PID: 8873 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1625.916269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1625.918411] Call Trace:
[ 1625.919216]  dump_stack+0x107/0x167
[ 1625.920324]  should_fail.cold+0x5/0xa
[ 1625.921461]  ? selinux_tun_dev_alloc_security+0x43/0x180
[ 1625.922661]  should_failslab+0x5/0x20
[ 1625.923144]  kmem_cache_alloc_trace+0x55/0x320
[ 1625.923732]  selinux_tun_dev_alloc_security+0x43/0x180
[ 1625.924391]  security_tun_dev_alloc_security+0x46/0xa0
[ 1625.925062]  tun_net_init+0x133/0x650
[ 1625.925548]  ? tun_attach.isra.0+0x1760/0x1760
[ 1625.926132]  register_netdevice+0x55b/0x1480
[ 1625.926756]  ? netdev_change_features+0xb0/0xb0
[ 1625.927342]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1625.927897]  __tun_chr_ioctl+0x2156/0x3f60
[ 1625.928442]  ? lock_downgrade+0x6d0/0x6d0
[ 1625.928970]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1625.929582]  ? tun_chr_poll+0x700/0x700
[ 1625.930089]  ? wait_for_completion_io+0x270/0x270
[ 1625.930789]  ? selinux_file_ioctl+0xb6/0x270
[ 1625.931346]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1625.931920]  __x64_sys_ioctl+0x19a/0x210
[ 1625.932437]  do_syscall_64+0x33/0x40
[ 1625.932906]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1625.933559] RIP: 0033:0x7fc68ced6b19
[ 1625.934034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1625.936394] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1625.937358] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1625.938257] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1625.939201] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1625.940101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1625.940996] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:06:53 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0x0, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:06:53 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x0, 0x2, 0x1, 0x0, 0x0)

20:06:53 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:06:53 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x10000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000006, 0x20010, r0, 0x0)
syz_io_uring_setup(0x7f89, &(0x7f0000000100)={0x0, 0xad10, 0x20, 0x1, 0x21d}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000200)=<r5=>0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff8000/0x8000)=nil, 0x8000, 0x6, 0x12, r0, 0x0)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000000, 0x30, r0, 0x10000000)
syz_io_uring_submit(r6, r7, &(0x7f00000017c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x2, 0x2004, @fd_index=0x9, 0xfff, &(0x7f0000000400)=[{&(0x7f0000000280)=""/10, 0xa}, {&(0x7f00000002c0)=""/189, 0xbd}, {&(0x7f0000000380)=""/53, 0x35}, {&(0x7f00000003c0)=""/41, 0x29}, {&(0x7f0000000500)=""/225, 0xe1}, {&(0x7f0000000600)=""/202, 0xca}, {&(0x7f0000000700)=""/129, 0x81}, {&(0x7f00000007c0)=""/4096, 0x1000}], 0x8, 0x18}, 0x6)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x200000b, 0x110, r0, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000240)=@IORING_OP_READ_FIXED={0x4, 0x1704016f3b095582, 0x0, @fd_index=0x3, 0x26c, 0x6, 0x800, 0x10, 0x1, {0x2, r8}}, 0xffffffff)

20:06:53 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 56)

20:06:53 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 17)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:06:53 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 18)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:06:53 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:06:53 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0x0, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1639.800260] FAULT_INJECTION: forcing a failure.
[ 1639.800260] name failslab, interval 1, probability 0, space 0, times 0
[ 1639.801747] FAULT_INJECTION: forcing a failure.
[ 1639.801747] name failslab, interval 1, probability 0, space 0, times 0
[ 1639.809064] CPU: 1 PID: 8896 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1639.809888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1639.810931] Call Trace:
[ 1639.811258]  dump_stack+0x107/0x167
[ 1639.811700]  should_fail.cold+0x5/0xa
[ 1639.812163]  ? create_object.isra.0+0x3a/0xa20
[ 1639.812717]  should_failslab+0x5/0x20
[ 1639.813178]  kmem_cache_alloc+0x5b/0x310
[ 1639.813670]  ? lock_release+0x680/0x680
[ 1639.814153]  create_object.isra.0+0x3a/0xa20
[ 1639.814684]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1639.815344]  kmem_cache_alloc_trace+0x151/0x320
[ 1639.815937]  alloc_tty_struct+0x95/0x8e0
[ 1639.816426]  ? __do_SAK+0x30/0x30
[ 1639.816849]  ? kasan_unpoison_shadow+0x33/0x50
[ 1639.817402]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1639.818018]  pty_unix98_install+0x1ab/0x980
[ 1639.818541]  ? pty_unthrottle+0x60/0x60
[ 1639.823055]  ? pty_open+0x310/0x310
[ 1639.823504]  tty_init_dev.part.0+0xa0/0x610
[ 1639.824031]  ? pty_open+0x310/0x310
[ 1639.824480]  tty_init_dev+0x5b/0x80
[ 1639.824923]  ptmx_open+0x116/0x370
[ 1639.825366]  ? pty_open+0x310/0x310
[ 1639.825808]  chrdev_open+0x268/0x6e0
[ 1639.826270]  ? __unregister_chrdev+0x110/0x110
[ 1639.826837]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1639.827421]  do_dentry_open+0x4b7/0x1090
[ 1639.827917]  ? __unregister_chrdev+0x110/0x110
[ 1639.828480]  ? may_open+0x1e4/0x400
[ 1639.828925]  path_openat+0x19ba/0x2770
[ 1639.829417]  ? path_lookupat+0x860/0x860
[ 1639.829912]  ? lock_acquire+0x197/0x470
[ 1639.830403]  ? find_held_lock+0x2c/0x110
[ 1639.830925]  do_filp_open+0x190/0x3e0
[ 1639.831397]  ? may_open_dev+0xf0/0xf0
[ 1639.831872]  ? do_raw_spin_lock+0x121/0x260
[ 1639.832408]  ? rwlock_bug.part.0+0x90/0x90
[ 1639.832939]  ? _raw_spin_unlock+0x1a/0x30
[ 1639.833457]  ? alloc_fd+0x2e7/0x670
[ 1639.833910]  do_sys_openat2+0x171/0x4d0
[ 1639.834407]  ? build_open_flags+0x6f0/0x6f0
[ 1639.834942]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1639.835542]  ? wait_for_completion_io+0x270/0x270
[ 1639.836144]  __x64_sys_openat+0x13f/0x1f0
[ 1639.836650]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1639.837172]  ? ksys_write+0x1a9/0x260
[ 1639.837643]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1639.838288]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1639.838938]  do_syscall_64+0x33/0x40
[ 1639.839402]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1639.840030] RIP: 0033:0x7f05ed26ab19
[ 1639.840493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1639.842732] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1639.847702] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1639.848573] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1639.849454] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1639.850324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1639.851202] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1639.852112] CPU: 0 PID: 8888 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1639.853001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1639.854055] Call Trace:
[ 1639.854398]  dump_stack+0x107/0x167
[ 1639.854889]  should_fail.cold+0x5/0xa
[ 1639.855382]  ? create_object.isra.0+0x3a/0xa20
[ 1639.855976]  should_failslab+0x5/0x20
[ 1639.856472]  kmem_cache_alloc+0x5b/0x310
[ 1639.863257]  create_object.isra.0+0x3a/0xa20
[ 1639.863840]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1639.864510]  kmem_cache_alloc_trace+0x151/0x320
[ 1639.865130]  selinux_tun_dev_alloc_security+0x43/0x180
[ 1639.865824]  security_tun_dev_alloc_security+0x46/0xa0
[ 1639.866521]  tun_net_init+0x133/0x650
[ 1639.867070]  ? tun_attach.isra.0+0x1760/0x1760
[ 1639.867678]  register_netdevice+0x55b/0x1480
[ 1639.868271]  ? netdev_change_features+0xb0/0xb0
[ 1639.868887]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1639.869457]  __tun_chr_ioctl+0x2156/0x3f60
[ 1639.870023]  ? lock_downgrade+0x6d0/0x6d0
[ 1639.870573]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1639.871227]  ? tun_chr_poll+0x700/0x700
[ 1639.871747]  ? wait_for_completion_io+0x270/0x270
[ 1639.872397]  ? selinux_file_ioctl+0xb6/0x270
[ 1639.872991]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1639.873578]  __x64_sys_ioctl+0x19a/0x210
[ 1639.874117]  do_syscall_64+0x33/0x40
[ 1639.874617]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1639.875297] RIP: 0033:0x7fc68ced6b19
[ 1639.875759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1639.878093] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1639.879106] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1639.880031] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1639.880958] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1639.881883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1639.882820] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:06:53 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:06:53 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x5, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1, {0x2}}, 0xfffffffb)
chmod(&(0x7f0000000100)='./file0\x00', 0xa0)
socket$inet_tcp(0x2, 0x1, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1640.009829] FAULT_INJECTION: forcing a failure.
[ 1640.009829] name failslab, interval 1, probability 0, space 0, times 0
[ 1640.012220] CPU: 0 PID: 8904 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1640.014059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1640.015534] Call Trace:
[ 1640.015889]  dump_stack+0x107/0x167
[ 1640.016368]  should_fail.cold+0x5/0xa
[ 1640.016869]  ? __kernfs_new_node+0xd4/0x860
[ 1640.017430]  should_failslab+0x5/0x20
[ 1640.017928]  kmem_cache_alloc+0x5b/0x310
[ 1640.018467]  __kernfs_new_node+0xd4/0x860
[ 1640.019297]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1640.019999]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1640.020588]  ? wait_for_completion_io+0x270/0x270
[ 1640.021174]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1640.021814]  kernfs_new_node+0x18d/0x250
[ 1640.022309]  __kernfs_create_file+0x51/0x350
[ 1640.022878]  sysfs_add_file_mode_ns+0x221/0x560
[ 1640.023476]  internal_create_group+0x324/0xb30
[ 1640.024059]  ? sysfs_remove_group+0x170/0x170
[ 1640.024624]  ? kernfs_add_one+0x124/0x4d0
[ 1640.025150]  ? kernfs_create_link+0x1b7/0x230
[ 1640.025720]  internal_create_groups.part.0+0x90/0x140
[ 1640.026376]  sysfs_create_groups+0x25/0x50
[ 1640.026934]  device_add+0x7a9/0x1c50
[ 1640.027389]  ? lockdep_init_map_type+0x2c7/0x780
[ 1640.027960]  ? devlink_add_symlinks+0x970/0x970
[ 1640.028530]  netdev_register_kobject+0x17a/0x3b0
[ 1640.029105]  register_netdevice+0xd6e/0x1480
[ 1640.029644]  ? netdev_change_features+0xb0/0xb0
[ 1640.030207]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1640.030736]  __tun_chr_ioctl+0x2156/0x3f60
[ 1640.031281]  ? lock_downgrade+0x6d0/0x6d0
[ 1640.031783]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1640.032365]  ? tun_chr_poll+0x700/0x700
[ 1640.032846]  ? wait_for_completion_io+0x270/0x270
[ 1640.033435]  ? selinux_file_ioctl+0xb6/0x270
[ 1640.033970]  ? tun_chr_compat_ioctl+0x30/0x30
20:06:53 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0x0, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1640.034514]  __x64_sys_ioctl+0x19a/0x210
[ 1640.063063]  do_syscall_64+0x33/0x40
[ 1640.063516]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1640.064136] RIP: 0033:0x7f7955930b19
[ 1640.064588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1640.066819] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1640.067755] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1640.068614] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1640.069471] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1640.070328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1640.071200] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:06:53 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 19)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:06:53 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:06:53 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1640.183642] FAULT_INJECTION: forcing a failure.
[ 1640.183642] name failslab, interval 1, probability 0, space 0, times 0
[ 1640.185160] CPU: 1 PID: 8915 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1640.186015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1640.187082] Call Trace:
[ 1640.187421]  dump_stack+0x107/0x167
[ 1640.187878]  should_fail.cold+0x5/0xa
[ 1640.188364]  ? create_object.isra.0+0x3a/0xa20
[ 1640.188946]  should_failslab+0x5/0x20
[ 1640.189429]  kmem_cache_alloc+0x5b/0x310
[ 1640.189946]  create_object.isra.0+0x3a/0xa20
[ 1640.190494]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1640.191161]  kmem_cache_alloc_trace+0x151/0x320
[ 1640.191754]  tty_ldisc_get.part.0+0x70/0x180
[ 1640.192311]  tty_ldisc_init+0x15/0x90
[ 1640.192791]  alloc_tty_struct+0x119/0x8e0
[ 1640.193308]  ? __do_SAK+0x30/0x30
[ 1640.193747]  ? kasan_unpoison_shadow+0x33/0x50
[ 1640.194326]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1640.194991]  pty_unix98_install+0x1ab/0x980
[ 1640.195533]  ? pty_unthrottle+0x60/0x60
[ 1640.196034]  ? pty_open+0x310/0x310
[ 1640.196492]  tty_init_dev.part.0+0xa0/0x610
[ 1640.197039]  ? pty_open+0x310/0x310
[ 1640.197496]  tty_init_dev+0x5b/0x80
[ 1640.197955]  ptmx_open+0x116/0x370
[ 1640.198402]  ? pty_open+0x310/0x310
[ 1640.198871]  chrdev_open+0x268/0x6e0
[ 1640.199346]  ? __unregister_chrdev+0x110/0x110
[ 1640.199922]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1640.200513]  do_dentry_open+0x4b7/0x1090
[ 1640.201033]  ? __unregister_chrdev+0x110/0x110
[ 1640.201607]  ? may_open+0x1e4/0x400
[ 1640.202071]  path_openat+0x19ba/0x2770
[ 1640.202576]  ? path_lookupat+0x860/0x860
[ 1640.203144]  ? lock_acquire+0x197/0x470
[ 1640.203644]  ? find_held_lock+0x2c/0x110
[ 1640.204168]  do_filp_open+0x190/0x3e0
[ 1640.204644]  ? may_open_dev+0xf0/0xf0
[ 1640.205131]  ? do_raw_spin_lock+0x121/0x260
[ 1640.205667]  ? rwlock_bug.part.0+0x90/0x90
[ 1640.206208]  ? _raw_spin_unlock+0x1a/0x30
[ 1640.206728]  ? alloc_fd+0x2e7/0x670
[ 1640.207228]  do_sys_openat2+0x171/0x4d0
[ 1640.207732]  ? build_open_flags+0x6f0/0x6f0
[ 1640.208278]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1640.208890]  ? wait_for_completion_io+0x270/0x270
[ 1640.209500]  __x64_sys_openat+0x13f/0x1f0
[ 1640.210010]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1640.210523]  ? ksys_write+0x1a9/0x260
[ 1640.211031]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1640.211690]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1640.212341]  do_syscall_64+0x33/0x40
[ 1640.212815]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1640.213455] RIP: 0033:0x7f05ed26ab19
[ 1640.213926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1640.216242] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1640.217197] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1640.218086] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1640.223002] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1640.223893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1640.224783] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
20:06:53 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 57)

20:06:53 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 18)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1640.258729] FAULT_INJECTION: forcing a failure.
[ 1640.258729] name failslab, interval 1, probability 0, space 0, times 0
[ 1640.260351] CPU: 1 PID: 8918 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1640.261202] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1640.262237] Call Trace:
[ 1640.262580]  dump_stack+0x107/0x167
[ 1640.267069]  should_fail.cold+0x5/0xa
[ 1640.267555]  ? create_object.isra.0+0x3a/0xa20
[ 1640.268134]  should_failslab+0x5/0x20
[ 1640.268612]  kmem_cache_alloc+0x5b/0x310
[ 1640.269131]  create_object.isra.0+0x3a/0xa20
[ 1640.269689]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1640.270330]  kmem_cache_alloc+0x159/0x310
[ 1640.270875]  __kernfs_new_node+0xd4/0x860
[ 1640.271407]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1640.272012]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1640.272620]  ? wait_for_completion_io+0x270/0x270
[ 1640.273230]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1640.273894]  kernfs_new_node+0x18d/0x250
[ 1640.274412]  __kernfs_create_file+0x51/0x350
[ 1640.274993]  sysfs_add_file_mode_ns+0x221/0x560
[ 1640.275585]  internal_create_group+0x324/0xb30
[ 1640.276166]  ? sysfs_remove_group+0x170/0x170
[ 1640.276729]  ? kernfs_add_one+0x124/0x4d0
[ 1640.277256]  ? kernfs_create_link+0x1b7/0x230
[ 1640.277826]  internal_create_groups.part.0+0x90/0x140
[ 1640.278479]  sysfs_create_groups+0x25/0x50
[ 1640.279051]  device_add+0x7a9/0x1c50
[ 1640.279530]  ? lockdep_init_map_type+0x2c7/0x780
[ 1640.280121]  ? devlink_add_symlinks+0x970/0x970
[ 1640.280719]  netdev_register_kobject+0x17a/0x3b0
[ 1640.281320]  register_netdevice+0xd6e/0x1480
[ 1640.281878]  ? netdev_change_features+0xb0/0xb0
[ 1640.282467]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1640.283035]  __tun_chr_ioctl+0x2156/0x3f60
[ 1640.283572]  ? lock_downgrade+0x6d0/0x6d0
[ 1640.284097]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1640.284705]  ? tun_chr_poll+0x700/0x700
[ 1640.285212]  ? wait_for_completion_io+0x270/0x270
[ 1640.285828]  ? selinux_file_ioctl+0xb6/0x270
[ 1640.286387]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1640.290988]  __x64_sys_ioctl+0x19a/0x210
[ 1640.291502]  do_syscall_64+0x33/0x40
[ 1640.291980]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1640.292625] RIP: 0033:0x7f7955930b19
[ 1640.293097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1640.295394] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1640.296330] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1640.297202] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1640.298091] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1640.298996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1640.299857] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1640.319597] FAULT_INJECTION: forcing a failure.
[ 1640.319597] name failslab, interval 1, probability 0, space 0, times 0
[ 1640.321250] CPU: 1 PID: 8921 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1640.322101] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1640.323202] Call Trace:
[ 1640.323588]  dump_stack+0x107/0x167
[ 1640.324121]  should_fail.cold+0x5/0xa
[ 1640.324681]  ? kvmalloc_node+0x119/0x170
[ 1640.325434]  should_failslab+0x5/0x20
[ 1640.326318]  __kmalloc_node+0x76/0x420
[ 1640.327079]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1640.327725]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1640.328366]  kvmalloc_node+0x119/0x170
[ 1640.328857]  tun_attach.isra.0+0x840/0x1760
[ 1640.329399]  ? trace_hardirqs_on+0x5b/0x180
[ 1640.329950]  ? lockdep_init_map_type+0x2c7/0x780
[ 1640.330538]  ? init_timer_key+0x12a/0x240
[ 1640.331103]  tun_net_init+0x45e/0x650
[ 1640.331580]  ? tun_attach.isra.0+0x1760/0x1760
[ 1640.332154]  register_netdevice+0x55b/0x1480
[ 1640.332709]  ? netdev_change_features+0xb0/0xb0
[ 1640.333300]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1640.333846]  __tun_chr_ioctl+0x2156/0x3f60
[ 1640.334379]  ? lock_downgrade+0x6d0/0x6d0
[ 1640.334915]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1640.335527]  ? tun_chr_poll+0x700/0x700
[ 1640.336035]  ? wait_for_completion_io+0x270/0x270
[ 1640.336648]  ? selinux_file_ioctl+0xb6/0x270
[ 1640.337199]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1640.337763]  __x64_sys_ioctl+0x19a/0x210
[ 1640.338278]  do_syscall_64+0x33/0x40
[ 1640.338747]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1640.339433] RIP: 0033:0x7fc68ced6b19
[ 1640.339903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1640.342177] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1640.343140] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1640.344025] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1640.344914] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1640.345807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1640.346691] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:07:07 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:07:07 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x0, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:07:07 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:07:07 executing program 1:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x100}}, './file0\x00'})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x172ddedc, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x2c2}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
io_uring_enter(r5, 0x532f, 0x69f7, 0x2, &(0x7f0000000140)={[0x81]}, 0x8)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r7, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r4, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:07:07 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 19)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:07:07 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 58)

20:07:07 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 20)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:07:07 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x0, 0x0, 0x0)

[ 1654.050699] FAULT_INJECTION: forcing a failure.
[ 1654.050699] name failslab, interval 1, probability 0, space 0, times 0
[ 1654.052520] CPU: 1 PID: 8941 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1654.053347] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1654.054346] Call Trace:
[ 1654.054672]  dump_stack+0x107/0x167
[ 1654.055115]  should_fail.cold+0x5/0xa
[ 1654.055617]  ? __get_vm_area_node+0xd4/0x340
[ 1654.056152]  should_failslab+0x5/0x20
[ 1654.056613]  kmem_cache_alloc_node_trace+0x59/0x340
[ 1654.057222]  __get_vm_area_node+0xd4/0x340
[ 1654.057737]  __vmalloc_node_range+0x13f/0x9e0
[ 1654.058279]  ? n_tty_open+0x16/0x170
[ 1654.058727]  ? n_tty_open+0x16/0x170
[ 1654.059178]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1654.059821]  ? __vmalloc_node+0x110/0x110
[ 1654.060321]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1654.060927]  ? n_tty_open+0x16/0x170
[ 1654.061376]  __vmalloc_node+0xb5/0x110
[ 1654.061845]  ? n_tty_open+0x16/0x170
[ 1654.062297]  n_tty_open+0x16/0x170
[ 1654.062725]  ? n_tty_set_termios+0x1010/0x1010
[ 1654.063274]  tty_ldisc_open+0xa2/0x120
[ 1654.063798]  tty_ldisc_setup+0x43/0x100
[ 1654.064312]  tty_init_dev.part.0+0x1fa/0x610
[ 1654.064891]  ? pty_open+0x310/0x310
[ 1654.065356]  tty_init_dev+0x5b/0x80
[ 1654.065836]  ptmx_open+0x116/0x370
[ 1654.066307]  ? pty_open+0x310/0x310
[ 1654.066778]  chrdev_open+0x268/0x6e0
[ 1654.067264]  ? __unregister_chrdev+0x110/0x110
[ 1654.067883]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1654.068496]  do_dentry_open+0x4b7/0x1090
[ 1654.069033]  ? __unregister_chrdev+0x110/0x110
[ 1654.069624]  ? may_open+0x1e4/0x400
[ 1654.070103]  path_openat+0x19ba/0x2770
[ 1654.070622]  ? path_lookupat+0x860/0x860
[ 1654.071157]  ? lock_acquire+0x197/0x470
[ 1654.071694]  ? find_held_lock+0x2c/0x110
[ 1654.072236]  do_filp_open+0x190/0x3e0
[ 1654.072653] FAULT_INJECTION: forcing a failure.
[ 1654.072653] name failslab, interval 1, probability 0, space 0, times 0
[ 1654.072731]  ? may_open_dev+0xf0/0xf0
[ 1654.074514]  ? do_raw_spin_lock+0x121/0x260
[ 1654.075045]  ? rwlock_bug.part.0+0x90/0x90
[ 1654.075592]  ? _raw_spin_unlock+0x1a/0x30
[ 1654.076104]  ? alloc_fd+0x2e7/0x670
[ 1654.076561]  do_sys_openat2+0x171/0x4d0
[ 1654.077053]  ? build_open_flags+0x6f0/0x6f0
[ 1654.077585]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1654.078184]  ? wait_for_completion_io+0x270/0x270
[ 1654.078780]  __x64_sys_openat+0x13f/0x1f0
[ 1654.079302]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1654.079829]  ? ksys_write+0x1a9/0x260
[ 1654.080312]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1654.080949]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1654.081588]  do_syscall_64+0x33/0x40
[ 1654.082046]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1654.082674] RIP: 0033:0x7f05ed26ab19
[ 1654.083138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1654.085401] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1654.086336] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1654.087218] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1654.088112] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1654.088981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1654.089855] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1654.090755] CPU: 0 PID: 8942 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1654.091065] syz-executor.5: vmalloc: allocation failure: 9120 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[ 1654.095618] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1654.095623] Call Trace:
[ 1654.095640]  dump_stack+0x107/0x167
[ 1654.095655]  should_fail.cold+0x5/0xa
[ 1654.095673]  ? __kernfs_new_node+0xd4/0x860
[ 1654.095691]  should_failslab+0x5/0x20
[ 1654.097053] ,cpuset=
[ 1654.097966]  kmem_cache_alloc+0x5b/0x310
[ 1654.097987]  __kernfs_new_node+0xd4/0x860
[ 1654.098008]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1654.098029]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1654.098611] syz5
[ 1654.098880]  ? wait_for_completion_io+0x270/0x270
[ 1654.098899]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1654.099466] ,mems_allowed=0
[ 1654.099970]  kernfs_new_node+0x18d/0x250
[ 1654.099989]  __kernfs_create_file+0x51/0x350
[ 1654.100449] 
[ 1654.100722]  sysfs_add_file_mode_ns+0x221/0x560
[ 1654.100745]  internal_create_group+0x324/0xb30
[ 1654.100766]  ? sysfs_remove_group+0x170/0x170
[ 1654.100783]  ? kernfs_add_one+0x124/0x4d0
[ 1654.108033]  ? kernfs_create_link+0x1b7/0x230
[ 1654.108590]  internal_create_groups.part.0+0x90/0x140
[ 1654.109226]  sysfs_create_groups+0x25/0x50
[ 1654.109742]  device_add+0x7a9/0x1c50
[ 1654.110207]  ? lockdep_init_map_type+0x2c7/0x780
[ 1654.110785]  ? devlink_add_symlinks+0x970/0x970
[ 1654.111386]  netdev_register_kobject+0x17a/0x3b0
[ 1654.111969]  register_netdevice+0xd6e/0x1480
[ 1654.112517]  ? netdev_change_features+0xb0/0xb0
[ 1654.113092]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1654.113628]  __tun_chr_ioctl+0x2156/0x3f60
[ 1654.114152]  ? lock_downgrade+0x6d0/0x6d0
[ 1654.114659]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1654.115253]  ? tun_chr_poll+0x700/0x700
[ 1654.115766]  ? wait_for_completion_io+0x270/0x270
[ 1654.116368]  ? selinux_file_ioctl+0xb6/0x270
[ 1654.116904]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1654.117449]  __x64_sys_ioctl+0x19a/0x210
[ 1654.117942]  do_syscall_64+0x33/0x40
[ 1654.118399]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1654.119018] RIP: 0033:0x7f7955930b19
[ 1654.119505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1654.121728] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1654.122655] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1654.123543] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1654.124415] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1654.125284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1654.126151] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1654.127096] CPU: 1 PID: 8941 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1654.127994] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1654.129064] Call Trace:
[ 1654.129412]  dump_stack+0x107/0x167
[ 1654.129894]  warn_alloc.cold+0x95/0x18a
[ 1654.130418]  ? zone_watermark_ok_safe+0x260/0x260
[ 1654.131051]  ? __get_vm_area_node+0xd4/0x340
[ 1654.131654]  ? __kasan_kmalloc.constprop.0+0xa2/0xd0
[ 1654.132318]  ? __get_vm_area_node+0x262/0x340
[ 1654.132911]  __vmalloc_node_range+0x58f/0x9e0
[ 1654.133488]  ? n_tty_open+0x16/0x170
[ 1654.133972]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1654.134627]  ? __vmalloc_node+0x110/0x110
[ 1654.135166]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1654.135830]  ? n_tty_open+0x16/0x170
[ 1654.136312]  __vmalloc_node+0xb5/0x110
[ 1654.136816]  ? n_tty_open+0x16/0x170
[ 1654.137307]  n_tty_open+0x16/0x170
[ 1654.137765]  ? n_tty_set_termios+0x1010/0x1010
[ 1654.138353]  tty_ldisc_open+0xa2/0x120
[ 1654.138861]  tty_ldisc_setup+0x43/0x100
[ 1654.139397]  tty_init_dev.part.0+0x1fa/0x610
[ 1654.139978]  ? pty_open+0x310/0x310
[ 1654.140451]  tty_init_dev+0x5b/0x80
[ 1654.140931]  ptmx_open+0x116/0x370
[ 1654.141393]  ? pty_open+0x310/0x310
[ 1654.141839]  chrdev_open+0x268/0x6e0
[ 1654.142293]  ? __unregister_chrdev+0x110/0x110
[ 1654.142885]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1654.147528]  do_dentry_open+0x4b7/0x1090
[ 1654.148063]  ? __unregister_chrdev+0x110/0x110
[ 1654.148656]  ? may_open+0x1e4/0x400
[ 1654.149132]  path_openat+0x19ba/0x2770
[ 1654.149649]  ? path_lookupat+0x860/0x860
[ 1654.150185]  ? lock_acquire+0x197/0x470
[ 1654.150702]  ? find_held_lock+0x2c/0x110
[ 1654.151233]  do_filp_open+0x190/0x3e0
[ 1654.151752]  ? may_open_dev+0xf0/0xf0
[ 1654.152262]  ? do_raw_spin_lock+0x121/0x260
[ 1654.152817]  ? rwlock_bug.part.0+0x90/0x90
[ 1654.153376]  ? _raw_spin_unlock+0x1a/0x30
[ 1654.153915]  ? alloc_fd+0x2e7/0x670
[ 1654.154405]  do_sys_openat2+0x171/0x4d0
[ 1654.154930]  ? build_open_flags+0x6f0/0x6f0
[ 1654.155518]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1654.156153]  ? wait_for_completion_io+0x270/0x270
[ 1654.156795]  __x64_sys_openat+0x13f/0x1f0
[ 1654.157338]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1654.157882]  ? ksys_write+0x1a9/0x260
[ 1654.158380]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1654.159062]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1654.159767]  do_syscall_64+0x33/0x40
[ 1654.160260]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1654.160928] RIP: 0033:0x7f05ed26ab19
[ 1654.161416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1654.163801] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1654.164783] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1654.165716] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1654.166634] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1654.167568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1654.168492] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1654.169509] Mem-Info:
[ 1654.169914] active_anon:55 inactive_anon:53292 isolated_anon:0
[ 1654.169914]  active_file:14098 inactive_file:71650 isolated_file:0
[ 1654.169914]  unevictable:0 dirty:112 writeback:0
[ 1654.169914]  slab_reclaimable:8724 slab_unreclaimable:63057
[ 1654.169914]  mapped:81618 shmem:664 pagetables:1476 bounce:0
[ 1654.169914]  free:94772 free_pcp:595 free_cma:0
[ 1654.173869] Node 0 active_anon:220kB inactive_anon:213168kB active_file:56392kB inactive_file:286600kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:326472kB dirty:448kB writeback:0kB shmem:2656kB writeback_tmp:0kB kernel_stack:4416kB all_unreclaimable? no
[ 1654.176943] Node 0 DMA free:15908kB min:48kB low:60kB high:72kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1654.180384] lowmem_reserve[]: 0 1616 1616 1616
[ 1654.181132] Node 0 DMA32 free:363180kB min:5116kB low:6768kB high:8420kB reserved_highatomic:0KB active_anon:220kB inactive_anon:213168kB active_file:56392kB inactive_file:286600kB unevictable:0kB writepending:444kB present:2080640kB managed:1660468kB mlocked:0kB pagetables:5904kB bounce:0kB free_pcp:2364kB local_pcp:1296kB free_cma:0kB
[ 1654.185071] lowmem_reserve[]: 0 0 0 0
[ 1654.185608] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1654.187606] Node 0 DMA32: 713*4kB (UME) 842*8kB (UM) 151*16kB (UME) 125*32kB (UME) 50*64kB (UM) 41*128kB (UME) 35*256kB (UM) 18*512kB (UME) 7*1024kB (UME) 7*2048kB (U) 73*4096kB (UM) = 363140kB
[ 1654.190040] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
20:07:07 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x20200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000004, 0x10, r0, 0x10000000)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000002c0), 0x539002, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x1, 0x0, @fd=r2, 0x0, 0x0, 0x0, {0x8a}}, 0x3)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000100)={0x5, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @local}}}, 0x108)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x105142, 0x185)
perf_event_open(&(0x7f0000000600)={0x2, 0x80, 0x20, 0x2, 0x1, 0x5, 0x0, 0xffffffff, 0x30b00, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={&(0x7f0000000300), 0x7}, 0x11010, 0x8, 0xfff, 0x3, 0x2, 0x6e10e618, 0x8, 0x0, 0x4, 0x0, 0x200}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000002a40)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x6, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x18}, 0x1)
syz_io_uring_submit(r4, r1, &(0x7f0000000240)=@IORING_OP_SEND={0x1a, 0x4, 0x0, r3, 0x0, &(0x7f0000000080)="7b5c2976ad5d42627ce83cc59ea70c29a997f68a6466b76f35415648014bb313150b9784b2562f0a36044a4c46af8eec23e98d68b0cbb844a149c32f2daf1d84efef424c74c51e6a5e4ec47b6c84a681bc7713e186e13d09597c1c7be5c3f8d97763d09ddcd2936a1641a79be356ee", 0x6f, 0x4010, 0x1}, 0x5)
openat$incfs(0xffffffffffffffff, &(0x7f0000000140)='.log\x00', 0x220001, 0x0)
kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x8000000}], 0x0)

[ 1654.191248] 28135 total pagecache pages
[ 1654.191761] 0 pages in swap cache
[ 1654.192264] Swap cache stats: add 0, delete 0, find 0/0
[ 1654.192982] Free swap  = 0kB
[ 1654.199397] Total swap = 0kB
[ 1654.199844] 524158 pages RAM
[ 1654.200340] 0 pages HighMem/MovableOnly
[ 1654.200850] 105064 pages reserved
[ 1654.201536] ptm ptm0: ldisc open failed (-12), clearing slot 0
20:07:07 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x4, 0x4000, @fd_index=0x8, 0x5, 0x0, 0x0, 0x16, 0x1, {0x1}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:07:07 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x0, 0x0, 0x0)

[ 1654.355932] FAULT_INJECTION: forcing a failure.
[ 1654.355932] name failslab, interval 1, probability 0, space 0, times 0
[ 1654.357509] CPU: 0 PID: 8938 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1654.358361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1654.359417] Call Trace:
[ 1654.359766]  dump_stack+0x107/0x167
[ 1654.360236]  should_fail.cold+0x5/0xa
[ 1654.360734]  ? create_object.isra.0+0x3a/0xa20
[ 1654.361335]  should_failslab+0x5/0x20
[ 1654.361835]  kmem_cache_alloc+0x5b/0x310
[ 1654.362362]  create_object.isra.0+0x3a/0xa20
[ 1654.362922]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1654.363607]  __kmalloc_node+0x1ae/0x420
[ 1654.364119]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1654.364793]  kvmalloc_node+0x119/0x170
[ 1654.365299]  tun_attach.isra.0+0x840/0x1760
[ 1654.365864]  ? trace_hardirqs_on+0x5b/0x180
[ 1654.366439]  ? lockdep_init_map_type+0x2c7/0x780
[ 1654.367071]  ? init_timer_key+0x12a/0x240
[ 1654.367651]  tun_net_init+0x45e/0x650
[ 1654.368144]  ? tun_attach.isra.0+0x1760/0x1760
[ 1654.368753]  register_netdevice+0x55b/0x1480
[ 1654.369331]  ? netdev_change_features+0xb0/0xb0
[ 1654.369919]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1654.370485]  __tun_chr_ioctl+0x2156/0x3f60
[ 1654.371050]  ? lock_downgrade+0x6d0/0x6d0
[ 1654.371630]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1654.372252]  ? tun_chr_poll+0x700/0x700
[ 1654.372788]  ? wait_for_completion_io+0x270/0x270
[ 1654.373439]  ? selinux_file_ioctl+0xb6/0x270
[ 1654.374032]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1654.374631]  __x64_sys_ioctl+0x19a/0x210
[ 1654.375167]  do_syscall_64+0x33/0x40
[ 1654.375676]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1654.376361] RIP: 0033:0x7fc68ced6b19
[ 1654.376839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1654.379189] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1654.380194] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1654.381171] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1654.382147] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1654.383070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
20:07:07 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x80, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x8a7e, 0x10, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000240)=<r2=>0x0)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
r5 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r8}}, 0x0)
setxattr$security_evm(&(0x7f0000000340)='./file0/../file0\x00', &(0x7f0000000400), &(0x7f0000000440)=@v1={0x2, '`'}, 0x2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4004, @fd=r3, 0x80000001, &(0x7f00000001c0)=[{&(0x7f0000000100)=""/64, 0x40}, {&(0x7f0000000140)=""/15, 0xf}], 0x2, 0x0, 0x0, {0x0, r8}}, 0x1f)
accept4$bt_l2cap(r4, &(0x7f0000000040)={0x1f, 0x0, @none}, &(0x7f0000000300)=0xe, 0x80000)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
ioctl$VFAT_IOCTL_READDIR_BOTH(r3, 0x82307201, &(0x7f0000000500)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
write(r4, &(0x7f0000000740)="33c6e7e9df00280020f87a4022a8048bea09cf506f46050c7e5034d0dccc9a86bb4c6ec49a70249660f091949b61b32a3a08eed7e63101ca37285d5324f8703bf59df4516940909ca94657acb6f45bd8a11cd7cb033be555504be0f90f77f1a1a62873e6de5db2542ae2a10a9897886a1eb2a451aaef04e7566f1cc1f84340dd4ebc24c026d1ff39fb852b878c0fd9503a7ff668bf0a1878e63fde1ca9bd7ced2b3aa367846b4f2354c5a4cb24a02594c5c18d6026160d52729fe1aaa410b6da5b31cc31b96f2bd95e169bdd23c051c34b4538658e54315f6b205f263c21343425d6e52016ee191627a3cb29c3211c05bf17b8212a8a", 0xf6)
syz_io_uring_submit(r9, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1654.383993] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:07:07 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 21)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:07:07 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 59)

20:07:07 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x0, 0x0, 0x0)

20:07:07 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1654.519084] FAULT_INJECTION: forcing a failure.
[ 1654.519084] name failslab, interval 1, probability 0, space 0, times 0
[ 1654.520779] CPU: 1 PID: 8965 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1654.521664] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1654.522735] Call Trace:
[ 1654.523090]  dump_stack+0x107/0x167
[ 1654.523603]  should_fail.cold+0x5/0xa
[ 1654.524106]  ? create_object.isra.0+0x3a/0xa20
[ 1654.524700]  ? create_object.isra.0+0x3a/0xa20
[ 1654.525300]  should_failslab+0x5/0x20
[ 1654.525801]  kmem_cache_alloc+0x5b/0x310
[ 1654.526344]  ? mark_lock+0xf5/0x2df0
[ 1654.526838]  create_object.isra.0+0x3a/0xa20
[ 1654.527470]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1654.528108]  kmem_cache_alloc_node_trace+0x16d/0x340
[ 1654.528761]  __get_vm_area_node+0xd4/0x340
[ 1654.529305]  __vmalloc_node_range+0x13f/0x9e0
[ 1654.529874]  ? n_tty_open+0x16/0x170
[ 1654.530347]  ? n_tty_open+0x16/0x170
[ 1654.530821]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1654.531486]  ? __vmalloc_node+0x110/0x110
[ 1654.531995]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1654.532603]  ? n_tty_open+0x16/0x170
[ 1654.533053]  __vmalloc_node+0xb5/0x110
[ 1654.533522]  ? n_tty_open+0x16/0x170
[ 1654.533974]  n_tty_open+0x16/0x170
[ 1654.534403]  ? n_tty_set_termios+0x1010/0x1010
[ 1654.534953]  tty_ldisc_open+0xa2/0x120
[ 1654.535466]  tty_ldisc_setup+0x43/0x100
[ 1654.535988]  tty_init_dev.part.0+0x1fa/0x610
[ 1654.536564]  ? pty_open+0x310/0x310
[ 1654.537042]  tty_init_dev+0x5b/0x80
[ 1654.537516]  ptmx_open+0x116/0x370
[ 1654.537970]  ? pty_open+0x310/0x310
[ 1654.538451]  chrdev_open+0x268/0x6e0
[ 1654.538955]  ? __unregister_chrdev+0x110/0x110
[ 1654.539570]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1654.540198]  do_dentry_open+0x4b7/0x1090
[ 1654.540733]  ? __unregister_chrdev+0x110/0x110
[ 1654.541331]  ? may_open+0x1e4/0x400
[ 1654.541819]  path_openat+0x19ba/0x2770
[ 1654.542353]  ? path_lookupat+0x860/0x860
[ 1654.542890]  ? lock_acquire+0x197/0x470
[ 1654.543429]  ? find_held_lock+0x2c/0x110
[ 1654.543972]  do_filp_open+0x190/0x3e0
[ 1654.544464]  ? may_open_dev+0xf0/0xf0
[ 1654.544985]  ? do_raw_spin_lock+0x121/0x260
[ 1654.545564]  ? rwlock_bug.part.0+0x90/0x90
[ 1654.546131]  ? _raw_spin_unlock+0x1a/0x30
[ 1654.546683]  ? alloc_fd+0x2e7/0x670
[ 1654.547164]  do_sys_openat2+0x171/0x4d0
[ 1654.547715]  ? build_open_flags+0x6f0/0x6f0
[ 1654.548279]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1654.548925]  ? wait_for_completion_io+0x270/0x270
[ 1654.549563]  __x64_sys_openat+0x13f/0x1f0
[ 1654.550118]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1654.550667]  ? ksys_write+0x1a9/0x260
[ 1654.551177]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1654.551878]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1654.552555]  do_syscall_64+0x33/0x40
[ 1654.553044]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1654.553728] RIP: 0033:0x7f05ed26ab19
[ 1654.554223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1654.556618] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1654.557623] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1654.558549] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1654.559514] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1654.560439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1654.561373] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
20:07:07 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 20)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1654.607918] FAULT_INJECTION: forcing a failure.
[ 1654.607918] name failslab, interval 1, probability 0, space 0, times 0
[ 1654.609519] CPU: 0 PID: 8970 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1654.610417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1654.611526] Call Trace:
[ 1654.611881]  dump_stack+0x107/0x167
[ 1654.612367]  should_fail.cold+0x5/0xa
[ 1654.612878]  ? create_object.isra.0+0x3a/0xa20
[ 1654.613483]  should_failslab+0x5/0x20
[ 1654.613984]  kmem_cache_alloc+0x5b/0x310
[ 1654.614530]  create_object.isra.0+0x3a/0xa20
[ 1654.615113]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1654.615800]  kmem_cache_alloc+0x159/0x310
[ 1654.616355]  __kernfs_new_node+0xd4/0x860
[ 1654.616903]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1654.617538]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1654.618178]  ? wait_for_completion_io+0x270/0x270
[ 1654.618818]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1654.619540]  kernfs_new_node+0x18d/0x250
[ 1654.620075]  __kernfs_create_file+0x51/0x350
[ 1654.620653]  sysfs_add_file_mode_ns+0x221/0x560
[ 1654.621272]  internal_create_group+0x324/0xb30
[ 1654.621873]  ? sysfs_remove_group+0x170/0x170
[ 1654.622467]  ? kernfs_add_one+0x124/0x4d0
[ 1654.623017]  ? kernfs_create_link+0x1b7/0x230
[ 1654.623632]  internal_create_groups.part.0+0x90/0x140
[ 1654.624314]  sysfs_create_groups+0x25/0x50
[ 1654.624875]  device_add+0x7a9/0x1c50
[ 1654.625374]  ? lockdep_init_map_type+0x2c7/0x780
[ 1654.625956]  ? devlink_add_symlinks+0x970/0x970
20:07:07 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4303, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1654.626631]  netdev_register_kobject+0x17a/0x3b0
[ 1654.627363]  register_netdevice+0xd6e/0x1480
[ 1654.627938]  ? netdev_change_features+0xb0/0xb0
[ 1654.628527]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1654.629076]  __tun_chr_ioctl+0x2156/0x3f60
[ 1654.629608]  ? lock_downgrade+0x6d0/0x6d0
[ 1654.630129]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1654.630906]  ? tun_chr_poll+0x700/0x700
[ 1654.631474]  ? wait_for_completion_io+0x270/0x270
[ 1654.632107]  ? selinux_file_ioctl+0xb6/0x270
[ 1654.632704]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1654.633298]  __x64_sys_ioctl+0x19a/0x210
[ 1654.633832]  do_syscall_64+0x33/0x40
[ 1654.634332]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1654.635016] RIP: 0033:0x7f7955930b19
[ 1654.635523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1654.637919] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1654.638913] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1654.639861] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1654.640797] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1654.641733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1654.642655] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1654.767562] FAULT_INJECTION: forcing a failure.
[ 1654.767562] name failslab, interval 1, probability 0, space 0, times 0
[ 1654.769171] CPU: 1 PID: 8974 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1654.770062] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1654.771151] Call Trace:
[ 1654.771532]  dump_stack+0x107/0x167
[ 1654.772010]  should_fail.cold+0x5/0xa
[ 1654.772532]  should_failslab+0x5/0x20
[ 1654.773034]  __kmalloc_track_caller+0x79/0x370
[ 1654.773645]  ? kstrdup_const+0x53/0x80
[ 1654.774167]  kstrdup+0x36/0x70
[ 1654.774593]  kstrdup_const+0x53/0x80
[ 1654.775096]  kvasprintf_const+0x10c/0x1a0
[ 1654.775671]  kobject_set_name_vargs+0x56/0x150
[ 1654.776280]  dev_set_name+0xbb/0xf0
[ 1654.776759]  ? device_initialize+0x620/0x620
[ 1654.777353]  ? lockdep_init_map_type+0x2c7/0x780
[ 1654.778001]  netdev_register_kobject+0xbd/0x3b0
[ 1654.778616]  register_netdevice+0xd6e/0x1480
[ 1654.779213]  ? netdev_change_features+0xb0/0xb0
[ 1654.779843]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1654.780430]  __tun_chr_ioctl+0x2156/0x3f60
[ 1654.780981]  ? lock_downgrade+0x6d0/0x6d0
[ 1654.781504]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1654.782133]  ? tun_chr_poll+0x700/0x700
[ 1654.782657]  ? wait_for_completion_io+0x270/0x270
[ 1654.783324]  ? selinux_file_ioctl+0xb6/0x270
[ 1654.783916]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1654.784517]  __x64_sys_ioctl+0x19a/0x210
[ 1654.785054]  do_syscall_64+0x33/0x40
[ 1654.785561]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1654.786236] RIP: 0033:0x7fc68ced6b19
[ 1654.786739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1654.789162] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1654.790163] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1654.791102] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1654.792065] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1654.793005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1654.793942] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:07:21 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 22)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:07:21 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:07:21 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 60)

20:07:21 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:07:21 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 21)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:07:21 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 1)

20:07:21 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x3, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x2, 0x0, 0x0)

20:07:21 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x4, 0x4000, @fd_index=0x8, 0x5, 0x0, 0x0, 0x16, 0x1, {0x1}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1668.249602] FAULT_INJECTION: forcing a failure.
[ 1668.249602] name failslab, interval 1, probability 0, space 0, times 0
[ 1668.251118] CPU: 1 PID: 9001 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1668.251964] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1668.252967] Call Trace:
[ 1668.253295]  dump_stack+0x107/0x167
[ 1668.253739]  should_fail.cold+0x5/0xa
[ 1668.254207]  ? create_object.isra.0+0x3a/0xa20
[ 1668.254766]  should_failslab+0x5/0x20
[ 1668.255231]  kmem_cache_alloc+0x5b/0x310
[ 1668.255727]  ? mark_lock+0xf5/0x2df0
[ 1668.256202]  create_object.isra.0+0x3a/0xa20
[ 1668.256737]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1668.257357]  __kmalloc_track_caller+0x177/0x370
[ 1668.257923]  ? kstrdup_const+0x53/0x80
[ 1668.258400]  kstrdup+0x36/0x70
[ 1668.258793]  kstrdup_const+0x53/0x80
[ 1668.259250]  kvasprintf_const+0x10c/0x1a0
[ 1668.259757]  kobject_set_name_vargs+0x56/0x150
[ 1668.260336]  dev_set_name+0xbb/0xf0
[ 1668.260779]  ? device_initialize+0x620/0x620
[ 1668.261316]  ? lockdep_init_map_type+0x2c7/0x780
[ 1668.261902]  netdev_register_kobject+0xbd/0x3b0
[ 1668.262472]  register_netdevice+0xd6e/0x1480
[ 1668.263035]  ? netdev_change_features+0xb0/0xb0
[ 1668.263628]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1668.264176]  __tun_chr_ioctl+0x2156/0x3f60
[ 1668.264692]  ? lock_downgrade+0x6d0/0x6d0
[ 1668.265200]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1668.265810]  ? tun_chr_poll+0x700/0x700
[ 1668.266315]  ? wait_for_completion_io+0x270/0x270
[ 1668.266936]  ? selinux_file_ioctl+0xb6/0x270
[ 1668.267474]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1668.268038]  __x64_sys_ioctl+0x19a/0x210
[ 1668.268533]  do_syscall_64+0x33/0x40
[ 1668.268986]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1668.269606] RIP: 0033:0x7fc68ced6b19
[ 1668.270061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1668.276320] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1668.277240] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1668.278101] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1668.278959] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1668.279828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1668.280691] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1668.288500] FAULT_INJECTION: forcing a failure.
[ 1668.288500] name failslab, interval 1, probability 0, space 0, times 0
[ 1668.289937] CPU: 1 PID: 9003 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1668.290766] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1668.291770] Call Trace:
[ 1668.292111]  dump_stack+0x107/0x167
[ 1668.292555]  should_fail.cold+0x5/0xa
[ 1668.293021]  ? alloc_vmap_area+0x148/0x1d10
[ 1668.293547]  should_failslab+0x5/0x20
[ 1668.294012]  kmem_cache_alloc_node+0x55/0x330
[ 1668.294560]  alloc_vmap_area+0x148/0x1d10
[ 1668.295063]  ? kmem_cache_alloc_node_trace+0x16d/0x340
[ 1668.295705]  ? mark_held_locks+0x9e/0xe0
[ 1668.296221]  ? purge_vmap_area_lazy+0xc0/0xc0
[ 1668.296768]  ? kasan_unpoison_shadow+0x33/0x50
[ 1668.297324]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1668.297942]  __get_vm_area_node+0x127/0x340
[ 1668.298472]  __vmalloc_node_range+0x13f/0x9e0
[ 1668.299016]  ? n_tty_open+0x16/0x170
[ 1668.299467]  ? n_tty_open+0x16/0x170
[ 1668.299948]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1668.300555]  ? __vmalloc_node+0x110/0x110
[ 1668.301056]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1668.301668]  ? n_tty_open+0x16/0x170
[ 1668.302117]  __vmalloc_node+0xb5/0x110
[ 1668.302586]  ? n_tty_open+0x16/0x170
[ 1668.303037]  n_tty_open+0x16/0x170
[ 1668.303466]  ? n_tty_set_termios+0x1010/0x1010
[ 1668.304039]  tty_ldisc_open+0xa2/0x120
[ 1668.304511]  tty_ldisc_setup+0x43/0x100
[ 1668.304992]  tty_init_dev.part.0+0x1fa/0x610
[ 1668.305526]  ? pty_open+0x310/0x310
[ 1668.305965]  tty_init_dev+0x5b/0x80
[ 1668.306427]  ptmx_open+0x116/0x370
[ 1668.306879]  ? pty_open+0x310/0x310
[ 1668.307330]  chrdev_open+0x268/0x6e0
[ 1668.307780]  ? __unregister_chrdev+0x110/0x110
[ 1668.308351]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1668.308921]  do_dentry_open+0x4b7/0x1090
[ 1668.309413]  ? __unregister_chrdev+0x110/0x110
[ 1668.309962]  ? may_open+0x1e4/0x400
[ 1668.310405]  path_openat+0x19ba/0x2770
[ 1668.310884]  ? path_lookupat+0x860/0x860
[ 1668.311377]  ? lock_acquire+0x197/0x470
[ 1668.311868]  ? find_held_lock+0x2c/0x110
[ 1668.312373]  do_filp_open+0x190/0x3e0
[ 1668.312832]  ? may_open_dev+0xf0/0xf0
[ 1668.313302]  ? do_raw_spin_lock+0x121/0x260
[ 1668.313825]  ? rwlock_bug.part.0+0x90/0x90
[ 1668.314343]  ? _raw_spin_unlock+0x1a/0x30
[ 1668.314845]  ? alloc_fd+0x2e7/0x670
[ 1668.315294]  do_sys_openat2+0x171/0x4d0
[ 1668.315778]  ? build_open_flags+0x6f0/0x6f0
[ 1668.316332]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1668.316919]  ? wait_for_completion_io+0x270/0x270
[ 1668.317506]  __x64_sys_openat+0x13f/0x1f0
[ 1668.318007]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1668.318516]  ? ksys_write+0x1a9/0x260
[ 1668.318983]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1668.319616]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1668.320260]  do_syscall_64+0x33/0x40
[ 1668.320712]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1668.321332] RIP: 0033:0x7f05ed26ab19
[ 1668.321806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1668.324118] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1668.325039] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1668.325901] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1668.326762] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1668.327622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1668.328501] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1668.329539] syz-executor.5: vmalloc: allocation failure: 9120 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0
20:07:21 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r5, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1, 0x10010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r4, r6, &(0x7f0000000100), 0xbc)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1668.331183] CPU: 1 PID: 9003 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1668.332036] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1668.333033] Call Trace:
[ 1668.333355]  dump_stack+0x107/0x167
[ 1668.333798]  warn_alloc.cold+0x95/0x18a
[ 1668.344203]  ? zone_watermark_ok_safe+0x260/0x260
[ 1668.344789]  ? slab_free_freelist_hook+0xa9/0x180
[ 1668.345401]  ? __get_vm_area_node+0x2cf/0x340
[ 1668.345970]  ? kasan_unpoison_shadow+0x33/0x50
[ 1668.346558]  ? __get_vm_area_node+0x262/0x340
[ 1668.347132]  __vmalloc_node_range+0x58f/0x9e0
[ 1668.347700]  ? n_tty_open+0x16/0x170
[ 1668.348176]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1668.348784]  ? __vmalloc_node+0x110/0x110
[ 1668.349286]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1668.349910]  ? n_tty_open+0x16/0x170
[ 1668.350380]  __vmalloc_node+0xb5/0x110
[ 1668.350872]  ? n_tty_open+0x16/0x170
[ 1668.351345]  n_tty_open+0x16/0x170
[ 1668.351802]  ? n_tty_set_termios+0x1010/0x1010
[ 1668.352360]  tty_ldisc_open+0xa2/0x120
[ 1668.352835]  tty_ldisc_setup+0x43/0x100
[ 1668.353320]  tty_init_dev.part.0+0x1fa/0x610
[ 1668.353857]  ? pty_open+0x310/0x310
[ 1668.354297]  tty_init_dev+0x5b/0x80
[ 1668.354742]  ptmx_open+0x116/0x370
[ 1668.355174]  ? pty_open+0x310/0x310
[ 1668.355615]  chrdev_open+0x268/0x6e0
[ 1668.356079]  ? __unregister_chrdev+0x110/0x110
[ 1668.356635]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1668.357206]  do_dentry_open+0x4b7/0x1090
[ 1668.357699]  ? __unregister_chrdev+0x110/0x110
[ 1668.358250]  ? may_open+0x1e4/0x400
[ 1668.358699]  path_openat+0x19ba/0x2770
[ 1668.359179]  ? path_lookupat+0x860/0x860
[ 1668.359697]  ? lock_acquire+0x197/0x470
[ 1668.360200]  ? find_held_lock+0x2c/0x110
[ 1668.360702]  do_filp_open+0x190/0x3e0
[ 1668.361162]  ? may_open_dev+0xf0/0xf0
[ 1668.361632]  ? do_raw_spin_lock+0x121/0x260
[ 1668.362155]  ? rwlock_bug.part.0+0x90/0x90
[ 1668.362674]  ? _raw_spin_unlock+0x1a/0x30
[ 1668.363177]  ? alloc_fd+0x2e7/0x670
[ 1668.363627]  do_sys_openat2+0x171/0x4d0
[ 1668.364131]  ? build_open_flags+0x6f0/0x6f0
[ 1668.364653]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1668.365240]  ? wait_for_completion_io+0x270/0x270
[ 1668.365829]  __x64_sys_openat+0x13f/0x1f0
[ 1668.366331]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1668.366841]  ? ksys_write+0x1a9/0x260
[ 1668.367308]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1668.371982]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1668.372637]  do_syscall_64+0x33/0x40
[ 1668.373106]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1668.373725] RIP: 0033:0x7f05ed26ab19
[ 1668.374176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1668.376413] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1668.377333] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1668.378195] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1668.379056] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1668.379931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1668.380797] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1668.381746] Mem-Info:
[ 1668.382145] active_anon:56 inactive_anon:53334 isolated_anon:0
[ 1668.382145]  active_file:14138 inactive_file:71700 isolated_file:0
[ 1668.382145]  unevictable:0 dirty:542 writeback:0
[ 1668.382145]  slab_reclaimable:8721 slab_unreclaimable:63258
[ 1668.382145]  mapped:81644 shmem:664 pagetables:1501 bounce:0
[ 1668.382145]  free:93016 free_pcp:465 free_cma:0
[ 1668.386108] Node 0 active_anon:224kB inactive_anon:213336kB active_file:56552kB inactive_file:286800kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:326576kB dirty:2168kB writeback:0kB shmem:2656kB writeback_tmp:0kB kernel_stack:4384kB all_unreclaimable? no
[ 1668.389061] Node 0 DMA free:15908kB min:48kB low:60kB high:72kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1668.396323] lowmem_reserve[]: 0 1616 1616 1616
[ 1668.396904] Node 0 DMA32 free:356156kB min:5116kB low:6768kB high:8420kB reserved_highatomic:0KB active_anon:224kB inactive_anon:213252kB active_file:56552kB inactive_file:286884kB unevictable:0kB writepending:2208kB present:2080640kB managed:1660468kB mlocked:0kB pagetables:5880kB bounce:0kB free_pcp:1936kB local_pcp:968kB free_cma:0kB
[ 1668.400499] lowmem_reserve[]: 0 0 0 0
[ 1668.401063] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1668.402906] Node 0 DMA32: 435*4kB (ME) 862*8kB (UME) 354*16kB (UME) 174*32kB (UME) 164*64kB (UME) 105*128kB (UME) 78*256kB (UM) 41*512kB (UME) 23*1024kB (UME) 13*2048kB (U) 54*4096kB (UM) = 356124kB
[ 1668.405336] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1668.406443] 28243 total pagecache pages
[ 1668.406957] 0 pages in swap cache
[ 1668.407434] Swap cache stats: add 0, delete 0, find 0/0
20:07:21 executing program 1:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x20, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
io_uring_enter(r5, 0x4991, 0x2447, 0x3, &(0x7f0000000a40)={[0xb8b5]}, 0x8)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=<r7=>0x0, &(0x7f0000002a40)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x6, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x18}, 0x1)
syz_io_uring_setup(0x42f2, &(0x7f0000000100)={0x0, 0x3, 0x2, 0x2, 0x126, 0x0, r1}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000200)=<r9=>0x0)
syz_io_uring_submit(r7, r9, &(0x7f0000000240)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4004, @fd=r0, 0x8, &(0x7f0000000300)=""/161, 0xa1, 0x9}, 0x200)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
ioctl$F2FS_IOC_GARBAGE_COLLECT(0xffffffffffffffff, 0x4004f506, &(0x7f0000001f00))
r10 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r10, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r4, 0x0, 0x0}, 0x80000001)
r11 = openat$zero(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
recvmsg$unix(r11, &(0x7f0000000a00)={&(0x7f00000003c0), 0xffffffffffffffc0, &(0x7f0000000880)=[{&(0x7f0000000500)=""/163, 0xa3}, {&(0x7f00000005c0)=""/138, 0x8a}, {&(0x7f0000000440)=""/38, 0x26}, {&(0x7f0000000680)=""/38, 0x26}, {&(0x7f00000006c0)=""/115, 0x73}, {&(0x7f0000000740)=""/22, 0x16}, {&(0x7f0000000780)=""/233, 0xe9}], 0x7, &(0x7f0000000a80)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1cfbff7f000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xf0}, 0x40000021)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1668.408170] Free swap  = 0kB
[ 1668.412165] Total swap = 0kB
[ 1668.412538] 524158 pages RAM
[ 1668.412901] 0 pages HighMem/MovableOnly
[ 1668.413459] 105064 pages reserved
[ 1668.413886] ptm ptm1: ldisc open failed (-12), clearing slot 1
[ 1668.418932] FAULT_INJECTION: forcing a failure.
[ 1668.418932] name failslab, interval 1, probability 0, space 0, times 0
[ 1668.420463] CPU: 1 PID: 9002 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1668.421295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1668.422300] Call Trace:
[ 1668.422628]  dump_stack+0x107/0x167
[ 1668.423073]  should_fail.cold+0x5/0xa
[ 1668.423542]  ? __kernfs_new_node+0xd4/0x860
[ 1668.424082]  should_failslab+0x5/0x20
[ 1668.424545]  kmem_cache_alloc+0x5b/0x310
[ 1668.425045]  __kernfs_new_node+0xd4/0x860
[ 1668.425552]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1668.426134]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1668.426723]  ? wait_for_completion_io+0x270/0x270
[ 1668.427310]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1668.427966]  kernfs_new_node+0x18d/0x250
[ 1668.428463]  __kernfs_create_file+0x51/0x350
[ 1668.429000]  sysfs_add_file_mode_ns+0x221/0x560
[ 1668.429572]  internal_create_group+0x324/0xb30
[ 1668.430131]  ? sysfs_remove_group+0x170/0x170
[ 1668.430676]  ? kernfs_add_one+0x124/0x4d0
[ 1668.431181]  ? kernfs_create_link+0x1b7/0x230
[ 1668.431729]  internal_create_groups.part.0+0x90/0x140
[ 1668.435155] FAULT_INJECTION: forcing a failure.
[ 1668.435155] name failslab, interval 1, probability 0, space 0, times 0
[ 1668.436382]  sysfs_create_groups+0x25/0x50
[ 1668.436397]  device_add+0x7a9/0x1c50
[ 1668.436413]  ? lockdep_init_map_type+0x2c7/0x780
[ 1668.436428]  ? devlink_add_symlinks+0x970/0x970
[ 1668.439825]  netdev_register_kobject+0x17a/0x3b0
[ 1668.440406]  register_netdevice+0xd6e/0x1480
[ 1668.440940]  ? netdev_change_features+0xb0/0xb0
[ 1668.441504]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1668.442056]  __tun_chr_ioctl+0x2156/0x3f60
[ 1668.442592]  ? lock_downgrade+0x6d0/0x6d0
[ 1668.443115]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1668.443697]  ? tun_chr_poll+0x700/0x700
[ 1668.444193]  ? wait_for_completion_io+0x270/0x270
[ 1668.444786]  ? selinux_file_ioctl+0xb6/0x270
[ 1668.445321]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1668.445866]  __x64_sys_ioctl+0x19a/0x210
[ 1668.446359]  do_syscall_64+0x33/0x40
[ 1668.446810]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1668.447429] RIP: 0033:0x7f7955930b19
[ 1668.447918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1668.450137] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1668.451059] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1668.451933] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1668.452794] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1668.453653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1668.454513] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1668.455395] CPU: 0 PID: 8997 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1668.456255] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1668.457251] Call Trace:
[ 1668.457571]  dump_stack+0x107/0x167
[ 1668.458012]  should_fail.cold+0x5/0xa
[ 1668.458482]  should_failslab+0x5/0x20
[ 1668.458943]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1668.459490]  io_submit_sqes+0x6fe6/0x8610
[ 1668.460011]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1668.460613]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1668.461214]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1668.461799]  ? lock_downgrade+0x6d0/0x6d0
[ 1668.462298]  ? find_held_lock+0x2c/0x110
[ 1668.462792]  ? io_submit_sqes+0x8610/0x8610
[ 1668.463318]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1668.463917]  ? wait_for_completion_io+0x270/0x270
[ 1668.464502]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1668.465065]  ? vfs_write+0x354/0xb10
[ 1668.465515]  ? fput_many+0x2f/0x1a0
[ 1668.465956]  ? ksys_write+0x1a9/0x260
[ 1668.466417]  ? __ia32_sys_read+0xb0/0xb0
[ 1668.466911]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1668.467543]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1668.468182]  do_syscall_64+0x33/0x40
[ 1668.468632]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1668.469249] RIP: 0033:0x7fb7d3ecdb19
[ 1668.469704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1668.471941] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1668.472860] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1668.473714] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1668.474570] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1668.475425] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 1668.476300] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
20:07:21 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 22)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:07:21 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:07:21 executing program 0:
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000000, 0x3}, 0x11010, 0x84b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
timer_create(0x4, &(0x7f0000000080)={0x0, 0x10, 0x2}, &(0x7f00000000c0))
pkey_mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0xffffffffffffffff)
pkey_mprotect(&(0x7f0000fed000/0x13000)=nil, 0x13000, 0x0, 0xffffffffffffffff)
pkey_mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff)
r0 = creat(&(0x7f0000000000)='./file1\x00', 0x0)
fallocate(r0, 0x0, 0x0, 0x8800000)
r1 = pkey_alloc(0x0, 0x0)
pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, r1)
pkey_mprotect(&(0x7f0000ff3000/0x3000)=nil, 0x3000, 0x2, r1)
mbind(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2, &(0x7f0000000040)=0x100, 0x0, 0x4)

20:07:21 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 61)

20:07:21 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 23)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:07:21 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
r4 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000100)='cgroup.threads\x00', 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r4, &(0x7f0000000140)={0x40000010})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r5, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1668.597402] FAULT_INJECTION: forcing a failure.
[ 1668.597402] name failslab, interval 1, probability 0, space 0, times 0
[ 1668.598883] CPU: 1 PID: 9023 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1668.599714] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1668.600735] Call Trace:
[ 1668.601064]  dump_stack+0x107/0x167
[ 1668.601510]  should_fail.cold+0x5/0xa
[ 1668.601977]  ? create_object.isra.0+0x3a/0xa20
[ 1668.602535]  should_failslab+0x5/0x20
[ 1668.603004]  kmem_cache_alloc+0x5b/0x310
[ 1668.603499]  ? tty_ldisc_setup+0x43/0x100
[ 1668.604019]  ? tty_init_dev.part.0+0x1fa/0x610
[ 1668.604575]  create_object.isra.0+0x3a/0xa20
[ 1668.605110]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1668.605728]  kmem_cache_alloc_node+0x169/0x330
[ 1668.606293]  alloc_vmap_area+0x148/0x1d10
[ 1668.606796]  ? kmem_cache_alloc_node_trace+0x16d/0x340
[ 1668.607437]  ? mark_held_locks+0x9e/0xe0
[ 1668.607956]  ? purge_vmap_area_lazy+0xc0/0xc0
[ 1668.608503]  ? kasan_unpoison_shadow+0x33/0x50
[ 1668.609059]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1668.609676]  __get_vm_area_node+0x127/0x340
[ 1668.610205]  __vmalloc_node_range+0x13f/0x9e0
[ 1668.610747]  ? n_tty_open+0x16/0x170
[ 1668.611197]  ? n_tty_open+0x16/0x170
[ 1668.611650]  ? mark_held_locks+0x9e/0xe0
[ 1668.612170]  ? __switch_to+0x572/0xf70
[ 1668.612644]  ? __vmalloc_node+0x110/0x110
[ 1668.613144]  ? trace_hardirqs_on+0x5b/0x180
[ 1668.613667]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1668.614319]  ? n_tty_open+0x16/0x170
[ 1668.614768]  __vmalloc_node+0xb5/0x110
[ 1668.615236]  ? n_tty_open+0x16/0x170
[ 1668.615687]  n_tty_open+0x16/0x170
[ 1668.616134]  ? n_tty_set_termios+0x1010/0x1010
[ 1668.616684]  tty_ldisc_open+0xa2/0x120
[ 1668.617155]  tty_ldisc_setup+0x43/0x100
[ 1668.617636]  tty_init_dev.part.0+0x1fa/0x610
[ 1668.618169]  ? pty_open+0x310/0x310
[ 1668.618606]  tty_init_dev+0x5b/0x80
[ 1668.619048]  ptmx_open+0x116/0x370
[ 1668.619479]  ? pty_open+0x310/0x310
[ 1668.619934]  chrdev_open+0x268/0x6e0
[ 1668.620387]  ? __unregister_chrdev+0x110/0x110
[ 1668.620945]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1668.621312] FAULT_INJECTION: forcing a failure.
[ 1668.621312] name failslab, interval 1, probability 0, space 0, times 0
[ 1668.621512]  do_dentry_open+0x4b7/0x1090
[ 1668.623342]  ? __unregister_chrdev+0x110/0x110
[ 1668.623912]  ? may_open+0x1e4/0x400
[ 1668.624354]  path_openat+0x19ba/0x2770
[ 1668.624832]  ? path_lookupat+0x860/0x860
[ 1668.625325]  ? lock_acquire+0x197/0x470
[ 1668.625810]  ? find_held_lock+0x2c/0x110
[ 1668.626310]  do_filp_open+0x190/0x3e0
[ 1668.626769]  ? may_open_dev+0xf0/0xf0
[ 1668.627240]  ? do_raw_spin_lock+0x121/0x260
[ 1668.627788]  ? rwlock_bug.part.0+0x90/0x90
[ 1668.628332]  ? _raw_spin_unlock+0x1a/0x30
[ 1668.628837]  ? alloc_fd+0x2e7/0x670
[ 1668.629287]  do_sys_openat2+0x171/0x4d0
[ 1668.629772]  ? build_open_flags+0x6f0/0x6f0
[ 1668.630296]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1668.630889]  ? wait_for_completion_io+0x270/0x270
[ 1668.631479]  __x64_sys_openat+0x13f/0x1f0
[ 1668.632002]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1668.632514]  ? ksys_write+0x1a9/0x260
[ 1668.632980]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1668.633614]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1668.634239]  do_syscall_64+0x33/0x40
[ 1668.634688]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1668.635312] RIP: 0033:0x7f05ed26ab19
[ 1668.635762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1668.638011] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1668.638931] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1668.639792] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1668.640681] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1668.641543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1668.642405] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1668.643289] CPU: 0 PID: 9024 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1668.644184] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1668.645400] Call Trace:
[ 1668.645785]  dump_stack+0x107/0x167
[ 1668.646318]  should_fail.cold+0x5/0xa
[ 1668.646877]  ? device_add+0x106f/0x1c50
[ 1668.652303]  should_failslab+0x5/0x20
[ 1668.652862]  kmem_cache_alloc_trace+0x55/0x320
[ 1668.653531]  ? kfree_const+0x51/0x60
[ 1668.654081]  device_add+0x106f/0x1c50
[ 1668.654640]  ? lockdep_init_map_type+0x2c7/0x780
[ 1668.655334]  ? devlink_add_symlinks+0x970/0x970
[ 1668.656002]  netdev_register_kobject+0x17a/0x3b0
[ 1668.656578]  register_netdevice+0xd6e/0x1480
[ 1668.657114]  ? netdev_change_features+0xb0/0xb0
[ 1668.657678]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1668.658207]  __tun_chr_ioctl+0x2156/0x3f60
[ 1668.658720]  ? lock_downgrade+0x6d0/0x6d0
[ 1668.659221]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1668.659814]  ? tun_chr_poll+0x700/0x700
[ 1668.660353]  ? wait_for_completion_io+0x270/0x270
[ 1668.660943]  ? selinux_file_ioctl+0xb6/0x270
[ 1668.661478]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1668.662022]  __x64_sys_ioctl+0x19a/0x210
[ 1668.662518]  do_syscall_64+0x33/0x40
[ 1668.662972]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1668.663590] RIP: 0033:0x7fc68ced6b19
[ 1668.664063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1668.666277] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1668.667201] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1668.668086] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1668.668949] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1668.669811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1668.670674] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:07:22 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 2)

[ 1668.736573] FAULT_INJECTION: forcing a failure.
[ 1668.736573] name failslab, interval 1, probability 0, space 0, times 0
[ 1668.738143] CPU: 0 PID: 9036 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1668.738972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1668.740010] Call Trace:
[ 1668.740343]  dump_stack+0x107/0x167
[ 1668.740787]  should_fail.cold+0x5/0xa
[ 1668.741253]  ? create_object.isra.0+0x3a/0xa20
[ 1668.741808]  should_failslab+0x5/0x20
[ 1668.742273]  kmem_cache_alloc+0x5b/0x310
[ 1668.742791]  create_object.isra.0+0x3a/0xa20
[ 1668.743333]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1668.743991]  kmem_cache_alloc_bulk+0x168/0x320
[ 1668.744553]  io_submit_sqes+0x6fe6/0x8610
[ 1668.745060]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1668.745659]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1668.746263]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1668.746852]  ? lock_downgrade+0x6d0/0x6d0
[ 1668.747351]  ? find_held_lock+0x2c/0x110
[ 1668.747862]  ? io_submit_sqes+0x8610/0x8610
[ 1668.748396]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1668.748982]  ? wait_for_completion_io+0x270/0x270
[ 1668.749567]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1668.750151]  ? vfs_write+0x354/0xb10
[ 1668.750623]  ? fput_many+0x2f/0x1a0
[ 1668.751083]  ? ksys_write+0x1a9/0x260
[ 1668.751544]  ? __ia32_sys_read+0xb0/0xb0
[ 1668.752072]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1668.752706]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1668.753330]  do_syscall_64+0x33/0x40
[ 1668.753780]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1668.754399] RIP: 0033:0x7fb7d3ecdb19
[ 1668.754850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1668.757099] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1668.758018] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1668.758884] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1668.759746] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1668.760646] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 1668.761513] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1668.766534] FAULT_INJECTION: forcing a failure.
[ 1668.766534] name failslab, interval 1, probability 0, space 0, times 0
[ 1668.767949] CPU: 0 PID: 9030 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1668.768775] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1668.769779] Call Trace:
[ 1668.770102]  dump_stack+0x107/0x167
[ 1668.770546]  should_fail.cold+0x5/0xa
[ 1668.771011]  ? create_object.isra.0+0x3a/0xa20
[ 1668.771569]  should_failslab+0x5/0x20
[ 1668.772059]  kmem_cache_alloc+0x5b/0x310
[ 1668.772563]  create_object.isra.0+0x3a/0xa20
[ 1668.773098]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1668.773721]  kmem_cache_alloc+0x159/0x310
[ 1668.774234]  __kernfs_new_node+0xd4/0x860
[ 1668.774743]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1668.775324]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1668.775942]  ? wait_for_completion_io+0x270/0x270
[ 1668.776531]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1668.777169]  kernfs_new_node+0x18d/0x250
[ 1668.777664]  __kernfs_create_file+0x51/0x350
[ 1668.778198]  sysfs_add_file_mode_ns+0x221/0x560
[ 1668.778767]  internal_create_group+0x324/0xb30
[ 1668.779323]  ? sysfs_remove_group+0x170/0x170
[ 1668.779883]  ? kernfs_add_one+0x124/0x4d0
[ 1668.780391]  ? kernfs_create_link+0x1b7/0x230
[ 1668.780937]  internal_create_groups.part.0+0x90/0x140
[ 1668.781561]  sysfs_create_groups+0x25/0x50
[ 1668.782075]  device_add+0x7a9/0x1c50
[ 1668.782528]  ? lockdep_init_map_type+0x2c7/0x780
[ 1668.783099]  ? devlink_add_symlinks+0x970/0x970
[ 1668.783670]  netdev_register_kobject+0x17a/0x3b0
[ 1668.784811]  register_netdevice+0xd6e/0x1480
[ 1668.786063]  ? netdev_change_features+0xb0/0xb0
[ 1668.787389]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1668.788635]  __tun_chr_ioctl+0x2156/0x3f60
[ 1668.789840]  ? lock_downgrade+0x6d0/0x6d0
[ 1668.791019]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1668.792421]  ? tun_chr_poll+0x700/0x700
[ 1668.793555]  ? wait_for_completion_io+0x270/0x270
[ 1668.794940]  ? selinux_file_ioctl+0xb6/0x270
[ 1668.796213]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1668.797498]  __x64_sys_ioctl+0x19a/0x210
[ 1668.798656]  do_syscall_64+0x33/0x40
[ 1668.799719]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1668.805221] RIP: 0033:0x7f7955930b19
[ 1668.806282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1668.811572] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1668.813751] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1668.815791] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1668.817838] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1668.819890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1668.821930] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:07:22 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x50102}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x4, 0x0, 0x6, 0x7, 0x0, 0x9, 0x10, 0x6, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x1, @perf_bp={&(0x7f0000000180), 0x4}, 0x0, 0x0, 0x0, 0x8, 0x7fff, 0x2, 0x43, 0x0, 0x3ff, 0x0, 0xbed}, 0x0, 0xe, r0, 0xb)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x840, 0x0)
r2 = fsopen(&(0x7f0000000240)='qnx4\x00', 0x1)
r3 = syz_open_dev$vcsu(&(0x7f00000000c0), 0xffffffffffffffff, 0x200)
r4 = openat(r3, &(0x7f0000000100)='./file1\x00', 0x20000, 0x18)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r5 = fspick(r3, &(0x7f0000000140)='./file0/file0\x00', 0x0)
fsmount(r5, 0x1, 0x82)
fsmount(r2, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0)
fsopen(&(0x7f0000000080)='tmpfs\x00', 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3}, 0xe)
sendmmsg(r1, &(0x7f0000001040), 0x3fffffffffffdca, 0x40)
r6 = timerfd_create(0x0, 0x0)
timerfd_gettime(r6, &(0x7f0000001380))
ioctl$BTRFS_IOC_TREE_SEARCH(r6, 0xd0009411, &(0x7f0000000500)={{0x0, 0x1f, 0x7, 0x2, 0x6, 0x6, 0x7, 0x0, 0x2, 0x7, 0xffffff1e, 0x9, 0x80000001, 0x401, 0xfffffffffffffffb}})

20:07:22 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x74f01, 0x180)

20:07:22 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 3)

20:07:22 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

[ 1669.021894] FAULT_INJECTION: forcing a failure.
[ 1669.021894] name failslab, interval 1, probability 0, space 0, times 0
[ 1669.023359] CPU: 1 PID: 9045 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1669.024207] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1669.025210] Call Trace:
[ 1669.025553]  dump_stack+0x107/0x167
[ 1669.026018]  should_fail.cold+0x5/0xa
[ 1669.026506]  ? create_object.isra.0+0x3a/0xa20
[ 1669.027086]  should_failslab+0x5/0x20
[ 1669.027550]  kmem_cache_alloc+0x5b/0x310
[ 1669.028418]  ? mark_held_locks+0x9e/0xe0
[ 1669.028918]  create_object.isra.0+0x3a/0xa20
[ 1669.029453]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1669.030074]  kmem_cache_alloc_bulk+0x168/0x320
[ 1669.030637]  io_submit_sqes+0x6fe6/0x8610
[ 1669.031142]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1669.031743]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1669.033069]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1669.034445]  ? lock_downgrade+0x6d0/0x6d0
[ 1669.035622]  ? find_held_lock+0x2c/0x110
[ 1669.036809]  ? io_submit_sqes+0x8610/0x8610
[ 1669.038043]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1669.039415]  ? wait_for_completion_io+0x270/0x270
[ 1669.040813]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1669.042132]  ? vfs_write+0x354/0xb10
[ 1669.043186]  ? fput_many+0x2f/0x1a0
[ 1669.044228]  ? ksys_write+0x1a9/0x260
[ 1669.045308]  ? __ia32_sys_read+0xb0/0xb0
[ 1669.046463]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1669.047964]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1669.056128]  do_syscall_64+0x33/0x40
[ 1669.056587]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1669.057210] RIP: 0033:0x7fb7d3ecdb19
[ 1669.057665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1669.059906] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1669.060835] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1669.061701] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1669.062579] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1669.063479] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 1669.064385] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
20:07:37 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 23)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:07:37 executing program 0:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
r2 = getpgrp(0x0)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r2})
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
fadvise64(r3, 0x0, 0x0, 0x2)

20:07:37 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:07:37 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 62)

20:07:37 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:07:37 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 24)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:07:37 executing program 1:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x40cd, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket$unix(0x1, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x3, 0x8, 0x3f, 0x7f, 0x0, 0x100, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000140), 0x4}, 0x10, 0xfffffffffffffff9, 0x0, 0x3, 0x0, 0xd, 0x1f, 0x0, 0x400, 0x0, 0x80}, 0x0, 0xe, r0, 0xa)
r6 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x2, 0x1, {0x1, r9}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r10 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000240))
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000300)={{0x1, 0x1, 0x18, r10, {0x1ff}}, './file0\x00'})
r11 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r11, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r4, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:07:37 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 4)

[ 1683.725400] FAULT_INJECTION: forcing a failure.
[ 1683.725400] name failslab, interval 1, probability 0, space 0, times 0
[ 1683.726950] CPU: 1 PID: 9065 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1683.727693] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1683.730292] Call Trace:
[ 1683.730630]  dump_stack+0x107/0x167
[ 1683.731080]  should_fail.cold+0x5/0xa
[ 1683.731551]  ? __kernfs_new_node+0xd4/0x860
[ 1683.732079]  should_failslab+0x5/0x20
[ 1683.736565]  kmem_cache_alloc+0x5b/0x310
[ 1683.737073]  __kernfs_new_node+0xd4/0x860
[ 1683.737582]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1683.738165]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1683.738752]  ? wait_for_completion_io+0x270/0x270
[ 1683.739339]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1683.739978]  kernfs_new_node+0x18d/0x250
[ 1683.740510]  __kernfs_create_file+0x51/0x350
[ 1683.741046]  sysfs_add_file_mode_ns+0x221/0x560
[ 1683.741616]  internal_create_group+0x324/0xb30
[ 1683.742179]  ? sysfs_remove_group+0x170/0x170
[ 1683.742722]  ? kernfs_add_one+0x124/0x4d0
[ 1683.743228]  ? kernfs_create_link+0x1b7/0x230
[ 1683.743773]  internal_create_groups.part.0+0x90/0x140
[ 1683.744425]  sysfs_create_groups+0x25/0x50
[ 1683.744972]  device_add+0x7a9/0x1c50
[ 1683.745458]  ? lockdep_init_map_type+0x2c7/0x780
[ 1683.746060]  ? devlink_add_symlinks+0x970/0x970
[ 1683.746644]  netdev_register_kobject+0x17a/0x3b0
[ 1683.747224]  register_netdevice+0xd6e/0x1480
[ 1683.747764]  ? netdev_change_features+0xb0/0xb0
[ 1683.748325]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1683.748882]  __tun_chr_ioctl+0x2156/0x3f60
[ 1683.749391]  ? lock_downgrade+0x6d0/0x6d0
[ 1683.749887]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1683.750473]  ? tun_chr_poll+0x700/0x700
[ 1683.750954]  ? wait_for_completion_io+0x270/0x270
[ 1683.751553]  ? selinux_file_ioctl+0xb6/0x270
[ 1683.752115]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1683.752708]  __x64_sys_ioctl+0x19a/0x210
[ 1683.753245]  do_syscall_64+0x33/0x40
[ 1683.753717]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1683.754377] RIP: 0033:0x7f7955930b19
[ 1683.754847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1683.757071] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1683.757983] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1683.758848] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1683.759714] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1683.760605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1683.761460] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1683.774411] FAULT_INJECTION: forcing a failure.
[ 1683.774411] name failslab, interval 1, probability 0, space 0, times 0
[ 1683.776558] CPU: 1 PID: 9074 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1683.777285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1683.778160] Call Trace:
[ 1683.778455]  dump_stack+0x107/0x167
[ 1683.778844]  should_fail.cold+0x5/0xa
[ 1683.779250]  ? create_object.isra.0+0x3a/0xa20
[ 1683.779740]  should_failslab+0x5/0x20
[ 1683.780141]  kmem_cache_alloc+0x5b/0x310
[ 1683.780748]  ? mark_held_locks+0x9e/0xe0
[ 1683.781255]  create_object.isra.0+0x3a/0xa20
[ 1683.781804]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1683.782442]  kmem_cache_alloc_bulk+0x168/0x320
[ 1683.783020]  io_submit_sqes+0x6fe6/0x8610
[ 1683.783536]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1683.784135]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1683.784778]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1683.785364]  ? lock_downgrade+0x6d0/0x6d0
[ 1683.785865]  ? find_held_lock+0x2c/0x110
[ 1683.786360]  ? io_submit_sqes+0x8610/0x8610
[ 1683.786891]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1683.787477]  ? wait_for_completion_io+0x270/0x270
[ 1683.788063]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1683.788672]  ? vfs_write+0x354/0xb10
[ 1683.789146]  ? fput_many+0x2f/0x1a0
[ 1683.789612]  ? ksys_write+0x1a9/0x260
[ 1683.790092]  ? __ia32_sys_read+0xb0/0xb0
[ 1683.790590]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1683.791225]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1683.791849]  do_syscall_64+0x33/0x40
20:07:37 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_READ_FIXED={0x4, 0x4, 0x2007, @fd_index, 0xfffffffffffffffe, 0x4, 0x2, 0x16, 0x0, {0x2, r5}}, 0x1)

[ 1683.792301]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1683.793186] RIP: 0033:0x7fb7d3ecdb19
[ 1683.793659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1683.795919] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1683.797059] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1683.797955] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1683.798838] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1683.799702] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 1683.800611] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1683.803717] FAULT_INJECTION: forcing a failure.
[ 1683.803717] name failslab, interval 1, probability 0, space 0, times 0
[ 1683.805905] CPU: 1 PID: 9076 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1683.806738] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1683.807743] Call Trace:
[ 1683.808069]  dump_stack+0x107/0x167
[ 1683.808561]  should_fail.cold+0x5/0xa
[ 1683.809050]  ? create_object.isra.0+0x3a/0xa20
[ 1683.809635]  should_failslab+0x5/0x20
[ 1683.810112]  kmem_cache_alloc+0x5b/0x310
[ 1683.810614]  ? tty_ldisc_setup+0x43/0x100
[ 1683.811116]  ? tty_init_dev.part.0+0x1fa/0x610
[ 1683.811673]  create_object.isra.0+0x3a/0xa20
[ 1683.812207]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1683.812867]  kmem_cache_alloc_node+0x169/0x330
[ 1683.813451]  alloc_vmap_area+0x148/0x1d10
[ 1683.813956]  ? kmem_cache_alloc_node_trace+0x16d/0x340
[ 1683.814596]  ? mark_held_locks+0x9e/0xe0
[ 1683.815096]  ? purge_vmap_area_lazy+0xc0/0xc0
[ 1683.815642]  ? kasan_unpoison_shadow+0x33/0x50
[ 1683.816197]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1683.816906]  __get_vm_area_node+0x127/0x340
[ 1683.817436]  __vmalloc_node_range+0x13f/0x9e0
[ 1683.817994]  ? n_tty_open+0x16/0x170
[ 1683.818462]  ? n_tty_open+0x16/0x170
[ 1683.818938]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1683.819548]  ? __vmalloc_node+0x110/0x110
[ 1683.820049]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1683.820685]  ? n_tty_open+0x16/0x170
[ 1683.821136]  __vmalloc_node+0xb5/0x110
[ 1683.821608]  ? n_tty_open+0x16/0x170
[ 1683.822090]  n_tty_open+0x16/0x170
[ 1683.822590]  ? n_tty_set_termios+0x1010/0x1010
[ 1683.823142]  tty_ldisc_open+0xa2/0x120
[ 1683.823616]  tty_ldisc_setup+0x43/0x100
[ 1683.824102]  tty_init_dev.part.0+0x1fa/0x610
[ 1683.824671]  ? pty_open+0x310/0x310
[ 1683.825118]  tty_init_dev+0x5b/0x80
[ 1683.825562]  ptmx_open+0x116/0x370
[ 1683.825995]  ? pty_open+0x310/0x310
[ 1683.826436]  chrdev_open+0x268/0x6e0
[ 1683.826888]  ? __unregister_chrdev+0x110/0x110
[ 1683.827446]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1683.828016]  do_dentry_open+0x4b7/0x1090
[ 1683.828558]  ? __unregister_chrdev+0x110/0x110
[ 1683.829134]  ? may_open+0x1e4/0x400
[ 1683.829599]  path_openat+0x19ba/0x2770
[ 1683.830109]  ? path_lookupat+0x860/0x860
[ 1683.830607]  ? lock_acquire+0x197/0x470
[ 1683.831090]  ? find_held_lock+0x2c/0x110
[ 1683.831586]  ? __lockdep_reset_lock+0x180/0x180
[ 1683.832157]  do_filp_open+0x190/0x3e0
[ 1683.832649]  ? may_open_dev+0xf0/0xf0
[ 1683.833148]  ? do_raw_spin_lock+0x121/0x260
[ 1683.833695]  ? rwlock_bug.part.0+0x90/0x90
[ 1683.834220]  ? _raw_spin_unlock+0x1a/0x30
[ 1683.834722]  ? alloc_fd+0x2e7/0x670
[ 1683.835173]  do_sys_openat2+0x171/0x4d0
[ 1683.835658]  ? build_open_flags+0x6f0/0x6f0
[ 1683.836181]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1683.836855]  ? wait_for_completion_io+0x270/0x270
[ 1683.837470]  __x64_sys_openat+0x13f/0x1f0
[ 1683.837976]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1683.838512]  ? ksys_write+0x1a9/0x260
[ 1683.838984]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1683.839637]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1683.840267]  do_syscall_64+0x33/0x40
[ 1683.840758]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1683.841387] RIP: 0033:0x7f05ed26ab19
[ 1683.841840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1683.844065] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1683.845028] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1683.845892] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1683.846754] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1683.847615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1683.848542] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1683.863517] FAULT_INJECTION: forcing a failure.
[ 1683.863517] name failslab, interval 1, probability 0, space 0, times 0
[ 1683.865660] CPU: 0 PID: 9070 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1683.866630] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1683.867679] Call Trace:
[ 1683.868272]  dump_stack+0x107/0x167
[ 1683.868810]  should_fail.cold+0x5/0xa
[ 1683.869352]  ? create_object.isra.0+0x3a/0xa20
[ 1683.869910]  should_failslab+0x5/0x20
[ 1683.870514]  kmem_cache_alloc+0x5b/0x310
[ 1683.871283]  create_object.isra.0+0x3a/0xa20
[ 1683.871896]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1683.872812]  kmem_cache_alloc_trace+0x151/0x320
[ 1683.873453]  ? kfree_const+0x51/0x60
[ 1683.873993]  device_add+0x106f/0x1c50
[ 1683.874766]  ? lockdep_init_map_type+0x2c7/0x780
[ 1683.875391]  ? devlink_add_symlinks+0x970/0x970
[ 1683.876050]  netdev_register_kobject+0x17a/0x3b0
[ 1683.876917]  register_netdevice+0xd6e/0x1480
[ 1683.877530]  ? netdev_change_features+0xb0/0xb0
[ 1683.878098]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1683.878686]  __tun_chr_ioctl+0x2156/0x3f60
[ 1683.879502]  ? lock_downgrade+0x6d0/0x6d0
[ 1683.880093]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1683.880931]  ? tun_chr_poll+0x700/0x700
[ 1683.881565]  ? wait_for_completion_io+0x270/0x270
[ 1683.882391]  ? selinux_file_ioctl+0xb6/0x270
[ 1683.882938]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1683.883616]  __x64_sys_ioctl+0x19a/0x210
[ 1683.884356]  do_syscall_64+0x33/0x40
[ 1683.884893]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1683.885671] RIP: 0033:0x7fc68ced6b19
[ 1683.886339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1683.888997] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1683.890279] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1683.891262] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1683.892431] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1683.893584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1683.894501] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:07:37 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x40cd, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket$unix(0x1, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x3, 0x8, 0x3f, 0x7f, 0x0, 0x100, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000140), 0x4}, 0x10, 0xfffffffffffffff9, 0x0, 0x3, 0x0, 0xd, 0x1f, 0x0, 0x400, 0x0, 0x80}, 0x0, 0xe, r0, 0xa)
r6 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x2, 0x1, {0x1, r9}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r10 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000240))
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000300)={{0x1, 0x1, 0x18, r10, {0x1ff}}, './file0\x00'})
r11 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r11, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r4, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:07:37 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(0xffffffffffffffff, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:07:50 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 25)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1697.484199] FAULT_INJECTION: forcing a failure.
[ 1697.484199] name failslab, interval 1, probability 0, space 0, times 0
[ 1697.489903] CPU: 1 PID: 9100 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1697.490733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1697.491734] Call Trace:
[ 1697.492061]  dump_stack+0x107/0x167
[ 1697.492505]  should_fail.cold+0x5/0xa
[ 1697.492988]  ? create_object.isra.0+0x3a/0xa20
[ 1697.493543]  ? create_object.isra.0+0x3a/0xa20
[ 1697.494101]  should_failslab+0x5/0x20
[ 1697.494565]  kmem_cache_alloc+0x5b/0x310
[ 1697.495063]  create_object.isra.0+0x3a/0xa20
[ 1697.495598]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1697.496217]  kmem_cache_alloc_trace+0x151/0x320
[ 1697.496786]  ? kfree_const+0x51/0x60
[ 1697.497257]  device_add+0x106f/0x1c50
[ 1697.497724]  ? lockdep_init_map_type+0x2c7/0x780
[ 1697.498303]  ? devlink_add_symlinks+0x970/0x970
[ 1697.498875]  netdev_register_kobject+0x17a/0x3b0
[ 1697.499454]  register_netdevice+0xd6e/0x1480
[ 1697.499991]  ? netdev_change_features+0xb0/0xb0
[ 1697.500558]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1697.501101]  __tun_chr_ioctl+0x2156/0x3f60
[ 1697.501616]  ? lock_downgrade+0x6d0/0x6d0
[ 1697.502123]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1697.502709]  ? tun_chr_poll+0x700/0x700
[ 1697.503194]  ? wait_for_completion_io+0x270/0x270
[ 1697.503800]  ? selinux_file_ioctl+0xb6/0x270
[ 1697.504342]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1697.504902]  __x64_sys_ioctl+0x19a/0x210
[ 1697.505409]  do_syscall_64+0x33/0x40
[ 1697.505866]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1697.506489] RIP: 0033:0x7fc68ced6b19
[ 1697.506943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1697.509272] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1697.510195] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1697.511056] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1697.511921] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1697.512785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1697.513657] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1697.517119] FAULT_INJECTION: forcing a failure.
[ 1697.517119] name failslab, interval 1, probability 0, space 0, times 0
[ 1697.518557] CPU: 1 PID: 9097 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1697.519388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1697.520393] Call Trace:
[ 1697.520716]  dump_stack+0x107/0x167
[ 1697.521181]  should_fail.cold+0x5/0xa
[ 1697.521646]  ? __vmalloc_node_range+0x7a2/0x9e0
[ 1697.522212]  ? __vmalloc_node_range+0x7a2/0x9e0
[ 1697.522778]  should_failslab+0x5/0x20
[ 1697.523240]  __kmalloc_node+0x76/0x420
[ 1697.523719]  __vmalloc_node_range+0x7a2/0x9e0
[ 1697.524274]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1697.524916]  ? __vmalloc_node+0x110/0x110
[ 1697.525423]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1697.526034]  ? n_tty_open+0x16/0x170
[ 1697.526488]  __vmalloc_node+0xb5/0x110
[ 1697.526959]  ? n_tty_open+0x16/0x170
[ 1697.527984] FAULT_INJECTION: forcing a failure.
[ 1697.527984] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1697.533264]  n_tty_open+0x16/0x170
[ 1697.533276]  ? n_tty_set_termios+0x1010/0x1010
[ 1697.533287]  tty_ldisc_open+0xa2/0x120
[ 1697.533300]  tty_ldisc_setup+0x43/0x100
[ 1697.533313]  tty_init_dev.part.0+0x1fa/0x610
[ 1697.533327]  ? pty_open+0x310/0x310
[ 1697.533337]  tty_init_dev+0x5b/0x80
[ 1697.533350]  ptmx_open+0x116/0x370
[ 1697.533363]  ? pty_open+0x310/0x310
[ 1697.533374]  chrdev_open+0x268/0x6e0
[ 1697.533387]  ? __unregister_chrdev+0x110/0x110
[ 1697.533401]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1697.533419]  do_dentry_open+0x4b7/0x1090
[ 1697.533432]  ? __unregister_chrdev+0x110/0x110
[ 1697.533443]  ? may_open+0x1e4/0x400
[ 1697.533456]  path_openat+0x19ba/0x2770
[ 1697.533477]  ? path_lookupat+0x860/0x860
[ 1697.533492]  ? lock_acquire+0x197/0x470
[ 1697.533504]  ? find_held_lock+0x2c/0x110
[ 1697.533525]  do_filp_open+0x190/0x3e0
[ 1697.533535]  ? may_open_dev+0xf0/0xf0
[ 1697.533557]  ? do_raw_spin_lock+0x121/0x260
[ 1697.533570]  ? rwlock_bug.part.0+0x90/0x90
[ 1697.533588]  ? _raw_spin_unlock+0x1a/0x30
[ 1697.533599]  ? alloc_fd+0x2e7/0x670
[ 1697.533620]  do_sys_openat2+0x171/0x4d0
[ 1697.533634]  ? build_open_flags+0x6f0/0x6f0
[ 1697.533646]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1697.533661]  ? wait_for_completion_io+0x270/0x270
[ 1697.533679]  __x64_sys_openat+0x13f/0x1f0
[ 1697.533691]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1697.533702]  ? ksys_write+0x1a9/0x260
[ 1697.533720]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1697.533732]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1697.533746]  do_syscall_64+0x33/0x40
[ 1697.533757]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1697.533765] RIP: 0033:0x7f05ed26ab19
[ 1697.533777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1697.533784] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1697.533797] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1697.533804] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1697.533811] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1697.533818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1697.533826] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1697.558087] ptm ptm0: ldisc open failed (-12), clearing slot 0
[ 1697.558221] CPU: 0 PID: 9109 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1697.574877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1697.575876] Call Trace:
[ 1697.576205]  dump_stack+0x107/0x167
[ 1697.576650]  should_fail.cold+0x5/0xa
[ 1697.577134]  __alloc_pages_nodemask+0x182/0x600
[ 1697.577705]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1697.578449]  alloc_pages_current+0x187/0x280
[ 1697.578986]  allocate_slab+0x26f/0x380
[ 1697.579467]  ___slab_alloc+0x470/0x700
[ 1697.579944]  ? create_object.isra.0+0x3a/0xa20
[ 1697.580506]  ? lock_release+0x680/0x680
[ 1697.581004]  ? create_object.isra.0+0x3a/0xa20
[ 1697.581559]  ? kmem_cache_alloc+0x301/0x310
[ 1697.582080]  ? create_object.isra.0+0x3a/0xa20
[ 1697.582631]  kmem_cache_alloc+0x301/0x310
[ 1697.583136]  create_object.isra.0+0x3a/0xa20
[ 1697.583669]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1697.584286]  kmem_cache_alloc_bulk+0x168/0x320
[ 1697.584976]  io_submit_sqes+0x6fe6/0x8610
[ 1697.585747]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1697.586429]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1697.587032]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1697.587869]  ? lock_downgrade+0x6d0/0x6d0
[ 1697.588454]  ? find_held_lock+0x2c/0x110
[ 1697.588968]  ? io_submit_sqes+0x8610/0x8610
[ 1697.589756]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1697.590463]  ? wait_for_completion_io+0x270/0x270
[ 1697.591132]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1697.591919]  ? vfs_write+0x354/0xb10
[ 1697.592371]  ? fput_many+0x2f/0x1a0
[ 1697.592904]  ? ksys_write+0x1a9/0x260
[ 1697.593539]  ? __ia32_sys_read+0xb0/0xb0
[ 1697.594116]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1697.595059]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1697.595943]  do_syscall_64+0x33/0x40
[ 1697.596403]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1697.597225] RIP: 0033:0x7fb7d3ecdb19
[ 1697.597677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1697.600472] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1697.601652] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1697.602702] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1697.603816] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1697.604754] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 1697.605886] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
20:07:50 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0xfffffffffffffffc, 0x2}, 0x880}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000500)={0x0, ""/256, 0x0, 0x0, <r6=>0x0})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r3, 0x50009417, &(0x7f0000000700)={{r4}, r6, 0x6, @inherit={0x58, &(0x7f00000001c0)={0x1, 0x2, 0x14728000000, 0x200, {0x36, 0x3f, 0xffffffff, 0x7ff, 0x5}, [0x9fe1, 0x9b0]}}, @name="fc5a339617995eaf0498cee5d528a841133f9d510480f4e07036ff3861ccb7c34808ffa93d945ef240cebdcda1b377214da02f65cc59733e291227226731239c3ea267faec17b55cf222796bbdba92e17f2e4c449ccf8dfcf422ab7e6c5522cb2998208c0b44b775669549305a958e49196d3dd3728e829a9f16053e5fc900ffa39df888d55f5e76825127e16fbadbc7b9b807b062c7652f8241e8901b8e5d6a88c42eb97cb650a3e5b731242db029bc9218e42a6ac98730f3e1ffc69137414b628d1325401b7b993661b134ecd6b4a92dc7f9fde08ed992fd5f669faa5e99efdee41a440a152312d56ecce898a0067c8b32f0642b6fc81613bf048ac77fea5f15805016f3bc93c68a8aab6fe0018c142f23d48c32c68017a0e6d701023ab5a0320cc34eaf4c09038a2ef5f94214d294908e212af4fb954037ebbebb2d27f677fb2fd48c20026ad6fb5f8aa2a9b492b0a3f5df7041c5a32a2ece0cc1f974c1878581d169b19d6e255b27c8073a12228be7da53c4744171a852cb9b98162161508288097d40a202df3c41292f294ebb334313ccfe963aad583c8f4422cca1764be2fdf04b72e2d794ff1a4c75414b42b2bb750305f0958ae81c31f9400c9316a48f44de38ce31eb55fd068d5a1f5d238f945af2671cd26b1779ee187ee416ac01904aac3eadc5fa99dc8b54807dfeecb124b2e7afd3d250cb577907260110c17313664b8f04959957b9af0975565f64906cee9d49f2a921b9bb883b0541c27328b2c4fb13fdd1709576d0c287e0bc78bb9a7abccd84dc03e0223b0a90673346d6f60e4c9239396b1409ff2f92b5896251e23e6739883de991300550154630268f0ad78bf6099f75a7c3fcb3e2e9a1b5d4c723d2d6eaa57dde5c5b6029d4f2d56a93e7849058d334b2760f983d4b8d42aff1b1edd5d7b4e12bf2646491614cebf9d6aa0db8164b96a07bb5fb01dc5f82f57a2e418c1bffdfcbb6aa98b9ca63166b4bdc010f4aa80bf07e666153d59bdc2f11cc1851c750cb8b6c0344ed241f5dc72c8de3c7c67b48ee68a1cf8739c0dd66ba97fb0f0513f47ddac41c6f0fdb697576526b646624763683889d35d72bcd538cf790b5598cc58d39b9769bac98abc71d8013de646d42581a6cbc27dcf66ca0efabc2dba2d6646ef5dd6f6ce679ab569fb5bfc7e2a7eed84fef23a3316eb0d208e672780202507ed30e89f612a0e877d133555af61c04731cdb743016d34556b2df63bdbd89b6158d9bfdb61c9e41e8e18a728222f4a9080d5154a23da68666f8b511788cee146c9e35cac56541053ddfc53d0ed7418adc8b7d060d45f4fc8eeeb51a4e7eb976c46e8877f4759ee608764c98f32a89253bf37eb2d3cceceefe469ea07551bc505dbb19ff777437eb5eb81b4a58f4c93008cd96336d3bdf52a0daf98b7a0274d3847dacc39c29af0bc063aae36df2dda7f39726395dba518e24ea7a585cf9f00c92677cc9aac9edcf5d986a305ee745e2c393c61395f9cf273f2210e730b0d085bc4633eba13d88f7fceb9cea6fa19d6f40f9495eed6bd32bd0098765929a33734651561525b4f2e1c3385475760d9b5a0a2edd83e055773055656f7c470317d5bffb57e1b6f28afbf71aaef3608f2d1f2de54f22de739559dc629e57f65f25d4cb4318e2bcd6847d7d7445474ab2f8021e6bcdc8804fc792e77c46ffc64cc0d3bbe1db924d3e6c83076679ab23edf3603ac1226a60952a72ad2b49228298a867819653a786c5a25782e6ca2ff949866fc76c53574b04b7e7dc0fa5f0210dd5f5236c312894ba26d9284be8b2a1c699144f3a78ada0fbaba486eea537fe6dd1a85d9e30e004c0d1bdd901eb89a30405e08bf9c8d09f45a61ce129b0bcf8afb2d04fc7d7b338b5569754cd06d8aeabf8beed5e16bb24611befb194e6abef83951a4a0415b96dc9d448a12374ebcbb7106af7cfef8ced5081466dbac909cf03d32993c3a4782f78003e4ed6794de1b54670f02cb87fbdac5e2aeba3dc899537f39c140a55bc09571fecf99222653a9e4efe24bb67bb132a86568563e6bd494d0276d52cf5c4da21383f641ad1a0f5e25034f096550ba92083c236e7c93769ada409eed5bed987fed71354389dcb457642b075d3eaf6e52c4c085037f743bce75df20dfc3719bc8d09f4c6a14db4c86398b180a0733f6e89b7b5c8de6636305a3d5d82d7b16c233ee2b31ad286986187920c9bdc5003acf0afd00378a261db5f54629ba5f84045d73004d5fc7309b0c1dfba9ee5fa45ee1708f7714d5880da227f7c3b9a21b3e4d46ddb525c78549dcc2a89b2713e7374bf57f9331c7cd0e5bcc3a3d173989955da20dedfd8eb27f114e596bd5ad73971ffa040615ebda9fdb13a02b7231759bd46a45b16878d4c2b32a733965e684327dc83f0f580f7b5ff6e11944f7bd08c6f060c498fdad95ccbe5a70ca4b3afd51952518ea4d39719a40db8102f47770bfe331b7bdde4db2ac697ccd1ef3ef89c4d1c58b376f28f942b6b4b0ef48db5a7cc6aa9c97c957f42f5b4ea7b5edbc5b769831ff1710ca01300883653925c32c07eda0cbf1b42898a2424bb771fa54211024eb18fdf64f5093109ef14a2ef84d6c94e4831b6cea79caa61cf1bceeffc4344fcbe0c147aed951785b70327d00d8f0015f131425afffa467336ceb6b448c2af8f79f3caf89376c16f758827e2514233467c31fa1ea51fd4ea9c4f9c9a4437defbf701089094e3d7a3e4355d950d0fefc897f40d67376b54f5702860cedf3cbbd93556effc327cd0c04df138ac18d50dfb252413696cc26c10d808633e07bddcf14d7a0458e3a9609f0f3ad0492bdf4e1a91a0641e2079ceea7ea93ce8c735b85c5d061eba6e7062b933e1db45fa01f46c0852469857ca3279696fc95b49c9d152c12f2d6253c98ff72bbfa7539fa0d8a2c2840c42ad96f650bd26eae867dbe1019c43a6e579f337c82eaa4dde7ec910d96105c87c2f3b7f73ba65e78de5690315569869ae1164830754dc180509b9d04ef184ae622fb5f8af3638a39b0f7b18b7cab90fa890305583d1b9a668216b00914394c65191f5fe547b116578e6fd33e21680a99d80817f294c38f494da890f0f00ccfe7c9a44a5b75e821a58dafc27f7bf094166e7118ed471acc38281c31028b588b26751d049fa4aff62761f8c9564f558408f3a527e30b3aa7cfcd85d98fcd02c52ef80d4bd4635cc94a7839ddfee5bf2ff22c71d2b09ed35cd5341857c5db8748eab0699a309ecc940438921de775cfdd33d4d5738440eb9ea9ae7b8cfde9b510907bf1faf3604cf735729b9f22a306757a45b51a3ae61ec6e62f4660ffc7c7928820f408a03991de8457acbe6698dd7f758105aa6ca82aef29d34b1d4addfd32ee9f006186d83b2b8ddbd723cf04062914e752f3e2f03c994d65c8d562576e5fb9832b55410fbf05ee87923b9b12122f8bb5ac2feee681e00e94eaf4c7c14cd4f51392ae34e441b28f1d71f85cd1c1547eb11b1ca5cba865328e7da111828016341602e85c4a328600b443053891c808146de123fbf8372e2b3b953d21296ef77e6af0f3c1b7f5044c134b75990fed8bce7d35778a27b9361a2b7726576e36959368d1c129b314d03ac90fd5eb1b3a771c128d75af0fa24755819961d049c70673f00b968114d71f8f258c4aa1d589fa9edb020bebe70d4199e3778d483cb9585771d2a3c21589dd43697acc26d039b3496f271f9bde47563e2476f38eebbd36f4f2243d4103a4b093b66060396dc0d3581b27ffe432d2b06587d9615ff744da53fe46b80fb56edb1fbb23d8ff2691dcb758b697d82ba48cedcb28afc1ab7e99f27f6da36b85350abe55352c5a2147d7c60b6bd32372b5c2131aaa76e7752ca7776a00a6101945d2163a40092dcd137aaf371b6b1577d4990827744c2961de2d1123bdd66bbd0e8eac8b1ed35e992408df7682e38895474e41f4a43c6595cfc55562b780ed62596ec3c9ede69257f25d041481cf08447f4d0856fa026133a660fc29172d1a4f05d9b95e5affb125ddd00a2917ee91bbbca6ed14ff0c17a49ab8f2ac26e66f48a057c9c3c16662f75cab74d944833295725f116bb14097be191463b30967be68725b9ec0426e695ec8e10bda75b87e2ca24e5f1f436e49ee7e615f5a062b60213a18230116fc04567cbf10091881ae1e8c550a662c1390c6c91a0dab5166d17a0a38d49a898f489f2af41b0829da5b96746eee09627ffa57643666c67ce2ab5e9e33adfa4e798afdae418eda6df3a64ca29347ef1fa2509c2cdd0dda8c6c7ac47dc310aa530f6e3b9159d2cd53acbcfd9d0d13978fd6949b7e291c6224b7c7da57c65bc3fd010e26fa4e86608f5d5c85d78bed316b0f69227e266316fcde093aca80014b5c32a4293bbadeed4d1315416d21154e8b7c19202d4c3afb1ce9a696cff8ba288a880bf53069262813a10e187eca7330ea28d4a99cf014569a7e365775ad2811419c6bd2352536f128a87750bfd7dd283212a830654ce10770f6cd454c2163eb59e533d3e90d3c6155f2026d72c40baa8e6f28cdaed430e2bcdaa737fbdfbe852252e3da7a027924cafd3528c0385d5b9e187af5d62fe63f357addf04718155e699bddbb2abc419ec651258e0f03bb775b9e70cfc7f23fd5827da90527c25e6bb80ed8e278d435c47264982f416b8e395a24badcc593d94060bf31f2085b5248b3da07ec7334347835582a7dac6ad1064ae4863ade71b897169f76a267fdb62d4a98cc8c9d1d6d8e721255edc3c2a7759775a482565cee8cc3b8d013d019ac2421ea154d28fcc2cddea57eede501fd5e64f02ddbca85cbedb901135777428461178c70c6f691049615a2b2b5a47df42223a2d00243314e5e1e32f77d3a69262817e34886006f6608f612b279ec293662e77199de8ceba96347b53ab2c53c97cd10f166856913ad8575ef7019870d4b6fc5ca00fcfeedb5729c7955b7745f089fb9f76733e6d1fa6bf7b397704ea62768bcb38a5c2c7a0657ba26825f963204d2736ff4ed8ee7fb4867308c255a22287a8f58d591fc768f972b43dea258260617c892b3e5d0d09c031acc45a650f654b4c8ae216c12da0aa16ae0b6c8b14a552f8fc5d2247c5d4c168abcdc1935bfdcc5cf9b24e969aaf7f9faecd6c3b0e47d0a8505b135dc291a322980b66d20e3a12c0ab6758366455ef775a68fd6a440d5ea6f7327181a40f65b4b1596fad36473ff6080beeefd69a801742edd7d35a5c95054c7dc1bcd121e9b613384549e4fb7b1a4310365d23b5a82e29ca972729651c0eaf366ca37b303cd0445ddb97d387d71e5e59af3857d6a37f3ac46e5b6af2e8d0c21ac362225eede2b03da158f41873ab26227cc80d7e96b62b508e3a1b281815df097735958db5c59cc93f52391ec9331ac2d93b1bfcab8230e68880508a75acd73335fa475ab5a84607caeeaa571942033989a05b71fd17df8bc9cbe7644ce50a6695c286478c102806ec5dc7cc1b0bdf095aa16ac32ce8433b1f3eb842b94d4988d9dcd9f6f6a5e930c283f4f2dc72f3fe276d9b5798af15b72bec8733c55061292f8c79acd944f90142c41854710dee5adf589c2d80ceab1b80ee89991be883d1d5c0c5ae81a13ca0ca14fed1b60d5f94a2268ab9ed2443147547e4a73d99bb97e3c6295093928618a8e847ff4b6b118cf21400390ccde27ad54fc019"})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
lsetxattr$security_evm(&(0x7f0000000340)='./file0\x00', &(0x7f0000000140), &(0x7f0000000240)=ANY=[@ANYBLOB="03001300000e4100bfd09235b8d85b8856726eedc93cf259c9013e10a047146bea212491fb7798b46ef296bcbcc6b281c05694ce5a85e0d13bf3fc6f770c607837fc1cceaa7b2678c7a53ea6b580265be5b9a6a10fb6bb4255e5f9f3eddccd97c984455caee63742227756a536da6f87df"], 0x62, 0x0)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
sendfile(0xffffffffffffffff, r4, &(0x7f0000000300), 0xffffffffffffff80)
syz_io_uring_submit(r7, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:07:50 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:07:50 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x40cd, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket$unix(0x1, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x3, 0x8, 0x3f, 0x7f, 0x0, 0x100, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000140), 0x4}, 0x10, 0xfffffffffffffff9, 0x0, 0x3, 0x0, 0xd, 0x1f, 0x0, 0x400, 0x0, 0x80}, 0x0, 0xe, r0, 0xa)
r6 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x2, 0x1, {0x1, r9}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r10 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000240))
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000300)={{0x1, 0x1, 0x18, r10, {0x1ff}}, './file0\x00'})
r11 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r11, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r4, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:07:50 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 5)

20:07:50 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 24)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:07:50 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(0xffffffffffffffff, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:07:50 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 63)

20:07:51 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(0xffffffffffffffff, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1697.649965] FAULT_INJECTION: forcing a failure.
[ 1697.649965] name failslab, interval 1, probability 0, space 0, times 0
[ 1697.651824] CPU: 0 PID: 9112 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1697.652970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1697.654182] Call Trace:
[ 1697.654509]  dump_stack+0x107/0x167
[ 1697.655284]  should_fail.cold+0x5/0xa
[ 1697.655818]  ? create_object.isra.0+0x3a/0xa20
[ 1697.656554]  should_failslab+0x5/0x20
[ 1697.657162]  kmem_cache_alloc+0x5b/0x310
[ 1697.657871]  create_object.isra.0+0x3a/0xa20
[ 1697.658478]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1697.659313]  kmem_cache_alloc+0x159/0x310
[ 1697.659874]  __kernfs_new_node+0xd4/0x860
[ 1697.660609]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1697.661337]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1697.662135]  ? wait_for_completion_io+0x270/0x270
[ 1697.662834]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1697.663703]  kernfs_new_node+0x18d/0x250
[ 1697.664405]  __kernfs_create_file+0x51/0x350
[ 1697.665097]  sysfs_add_file_mode_ns+0x221/0x560
[ 1697.665900]  internal_create_group+0x324/0xb30
[ 1697.666460]  ? sysfs_remove_group+0x170/0x170
[ 1697.667288]  ? kernfs_add_one+0x124/0x4d0
[ 1697.667881]  ? kernfs_create_link+0x1b7/0x230
[ 1697.668593]  internal_create_groups.part.0+0x90/0x140
[ 1697.669368]  sysfs_create_groups+0x25/0x50
[ 1697.670104]  device_add+0x7a9/0x1c50
[ 1697.670561]  ? lockdep_init_map_type+0x2c7/0x780
[ 1697.671358]  ? devlink_add_symlinks+0x970/0x970
[ 1697.671980]  netdev_register_kobject+0x17a/0x3b0
[ 1697.672852]  register_netdevice+0xd6e/0x1480
[ 1697.673466]  ? netdev_change_features+0xb0/0xb0
[ 1697.674180]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1697.674828]  __tun_chr_ioctl+0x2156/0x3f60
[ 1697.675345]  ? lock_downgrade+0x6d0/0x6d0
[ 1697.675899]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1697.676552]  ? tun_chr_poll+0x700/0x700
[ 1697.677310]  ? wait_for_completion_io+0x270/0x270
[ 1697.678016]  ? selinux_file_ioctl+0xb6/0x270
[ 1697.678822]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1697.679370]  __x64_sys_ioctl+0x19a/0x210
[ 1697.680040]  do_syscall_64+0x33/0x40
[ 1697.680498]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1697.681429] RIP: 0033:0x7f7955930b19
[ 1697.681951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1697.684672] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1697.685912] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1697.687049] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1697.688158] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1697.689335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1697.690503] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:07:51 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 25)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:07:51 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 26)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:07:51 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 6)

20:07:51 executing program 0:
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x7, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.idle_time\x00', 0x0, 0x0)
syncfs(r0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffd, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000000b8000000000000b80000000000000000000000000000000000000000000000000000000000000000010000010100000100080800180000000000001813000000000000000000001500000000220017", 0x9f, 0x8000}, {&(0x7f0000010900)="8800170000000000001700080000000008007809140b2a3a0802000001000001010053500701beef005252050181505824016d4100000000416d03000000000000030000000000000000000000000000000054461a010e7809140b2a3a087809140b2a3a087809140b2a3a0843451c0119000000000000190000000000000000ed000000000000ed6600170000000000001700080000000008007809140b2a3a080200000100000101015252050181505824016d4100000000416d020000000000", 0xc1, 0xb800}], 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="99"])

[ 1697.775682] FAULT_INJECTION: forcing a failure.
[ 1697.775682] name failslab, interval 1, probability 0, space 0, times 0
[ 1697.781327] CPU: 0 PID: 9123 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1697.785690] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1697.786691] Call Trace:
[ 1697.787019]  dump_stack+0x107/0x167
[ 1697.787463]  should_fail.cold+0x5/0xa
[ 1697.787927]  ? create_object.isra.0+0x3a/0xa20
[ 1697.788486]  should_failslab+0x5/0x20
[ 1697.792987]  kmem_cache_alloc+0x5b/0x310
[ 1697.793493]  create_object.isra.0+0x3a/0xa20
[ 1697.794026]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1697.794648]  __kmalloc_node+0x1ae/0x420
[ 1697.795137]  __vmalloc_node_range+0x7a2/0x9e0
[ 1697.795685]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1697.796294]  ? __vmalloc_node+0x110/0x110
[ 1697.796796]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1697.797455]  ? n_tty_open+0x16/0x170
[ 1697.797910]  __vmalloc_node+0xb5/0x110
[ 1697.798382]  ? n_tty_open+0x16/0x170
[ 1697.798836]  n_tty_open+0x16/0x170
[ 1697.799267]  ? n_tty_set_termios+0x1010/0x1010
[ 1697.799819]  tty_ldisc_open+0xa2/0x120
[ 1697.800293]  tty_ldisc_setup+0x43/0x100
[ 1697.800775]  tty_init_dev.part.0+0x1fa/0x610
[ 1697.801363]  ? pty_open+0x310/0x310
[ 1697.801805]  tty_init_dev+0x5b/0x80
[ 1697.802251]  ptmx_open+0x116/0x370
[ 1697.802684]  ? pty_open+0x310/0x310
[ 1697.803125]  chrdev_open+0x268/0x6e0
[ 1697.803581]  ? __unregister_chrdev+0x110/0x110
[ 1697.804141]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1697.804713]  do_dentry_open+0x4b7/0x1090
[ 1697.805252]  ? __unregister_chrdev+0x110/0x110
[ 1697.805809]  ? may_open+0x1e4/0x400
[ 1697.806256]  path_openat+0x19ba/0x2770
[ 1697.806739]  ? path_lookupat+0x860/0x860
[ 1697.807241]  ? lock_acquire+0x197/0x470
[ 1697.807562] FAULT_INJECTION: forcing a failure.
[ 1697.807562] name failslab, interval 1, probability 0, space 0, times 0
[ 1697.807723]  ? find_held_lock+0x2c/0x110
[ 1697.807746]  do_filp_open+0x190/0x3e0
[ 1697.810057]  ? may_open_dev+0xf0/0xf0
[ 1697.810528]  ? do_raw_spin_lock+0x121/0x260
[ 1697.811051]  ? rwlock_bug.part.0+0x90/0x90
[ 1697.811572]  ? _raw_spin_unlock+0x1a/0x30
[ 1697.812074]  ? alloc_fd+0x2e7/0x670
[ 1697.812524]  do_sys_openat2+0x171/0x4d0
[ 1697.813060]  ? build_open_flags+0x6f0/0x6f0
[ 1697.813586]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1697.814175]  ? wait_for_completion_io+0x270/0x270
[ 1697.814764]  __x64_sys_openat+0x13f/0x1f0
[ 1697.815269]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1697.815779]  ? ksys_write+0x1a9/0x260
[ 1697.816248]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1697.820920]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1697.821567]  do_syscall_64+0x33/0x40
[ 1697.822021]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1697.822645] RIP: 0033:0x7f05ed26ab19
[ 1697.823099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1697.825361] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1697.826284] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1697.827152] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1697.828013] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1697.828898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1697.829810] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1697.830732] CPU: 1 PID: 9126 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1697.831580] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1697.832583] Call Trace:
[ 1697.832927]  dump_stack+0x107/0x167
[ 1697.833374]  should_fail.cold+0x5/0xa
[ 1697.833841]  ? create_object.isra.0+0x3a/0xa20
[ 1697.834398]  should_failslab+0x5/0x20
[ 1697.834862]  kmem_cache_alloc+0x5b/0x310
[ 1697.835358]  ? mark_held_locks+0x9e/0xe0
[ 1697.835853]  create_object.isra.0+0x3a/0xa20
[ 1697.836387]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1697.837049]  kmem_cache_alloc_bulk+0x168/0x320
[ 1697.837612]  io_submit_sqes+0x6fe6/0x8610
[ 1697.838121]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1697.838723]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1697.839329]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1697.839918]  ? lock_downgrade+0x6d0/0x6d0
[ 1697.840421]  ? find_held_lock+0x2c/0x110
[ 1697.840932]  ? io_submit_sqes+0x8610/0x8610
[ 1697.841468]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1697.842058]  ? wait_for_completion_io+0x270/0x270
[ 1697.842646]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1697.843212]  ? vfs_write+0x354/0xb10
[ 1697.843664]  ? fput_many+0x2f/0x1a0
[ 1697.844110]  ? ksys_write+0x1a9/0x260
[ 1697.844574]  ? __ia32_sys_read+0xb0/0xb0
[ 1697.845089]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1697.845726]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1697.846355]  do_syscall_64+0x33/0x40
[ 1697.846808]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1697.847431] RIP: 0033:0x7fb7d3ecdb19
[ 1697.847884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1697.850126] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1697.851051] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1697.851917] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1697.852785] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1697.853665] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 1697.854531] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
20:07:51 executing program 1:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2000000000000000, 0x10000}, 0x928}, 0x0, 0x8, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000400)=@IORING_OP_WRITEV={0x2, 0x0, 0x4007, @fd, 0x4, &(0x7f0000000140)=[{&(0x7f0000000200)="d685a6614b1af8a8ba1e90571175960f07126758e77a55d7d142c0a3ba07b99f2dfa6ae3cc5e4df853f550e52f222fa8ce6415dae639f3d75547e755a6a22a7e91de80809aaba8158e93f532d5b11ca3cf89083c90e1fbc07c0017be558c31a334c2280f7c2ccf24a988e12e7509", 0x6e}, {&(0x7f0000000500)="a36148bb0d370a8f71ee46357fe15e107cf09f8e4f0b071351dcaba1df7074d887bd980116b7109c8193402f59b7f0d8b74202f4981171317a7dd43c7806c31ba5a67f564b10ee7c8e7f02fa382f6b16ab275b4600ce07f611b344a77d79ce4b966f29748d1d1796f615db8ca51ad656571923674642b4c55b56c0c4302475b5d5cc94a50fe7cde4be8bdbf550c822c621d109576908a6", 0x97}, {&(0x7f0000000300)="31477d8f4e4296837fbc6d4632b41d90c5f3a34b055ed5f5a4e4a16e790969df5cfe1058f9f441e680ba68654b52f58be9fc45f94d8c4eb85b4e11d1074e9b6ad203352195eb8edf8d623d0d457b621b95c7867941", 0x55}], 0x3, 0x10, 0x0, {0x3, r4}}, 0x2)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
r8 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r11}}, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000100)=@IORING_OP_TEE={0x21, 0x4, 0x0, @fd=r7, 0x0, 0x0, 0x1, 0x2, 0x1, {0x0, r11, r0}}, 0x9)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000a, 0x13, r1, 0x0)
r12 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r12, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r5, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1697.879336] FAULT_INJECTION: forcing a failure.
[ 1697.879336] name failslab, interval 1, probability 0, space 0, times 0
[ 1697.880740] CPU: 1 PID: 9121 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1697.881583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1697.882587] Call Trace:
[ 1697.882911]  dump_stack+0x107/0x167
[ 1697.883354]  should_fail.cold+0x5/0xa
[ 1697.883818]  ? create_object.isra.0+0x3a/0xa20
[ 1697.884377]  should_failslab+0x5/0x20
[ 1697.884847]  kmem_cache_alloc+0x5b/0x310
[ 1697.885353]  ? find_held_lock+0x2c/0x110
[ 1697.885851]  create_object.isra.0+0x3a/0xa20
[ 1697.886388]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1697.887008]  __kmalloc_track_caller+0x177/0x370
[ 1697.887575]  ? kstrdup_const+0x53/0x80
[ 1697.888052]  kstrdup+0x36/0x70
[ 1697.888445]  kstrdup_const+0x53/0x80
[ 1697.888911]  __kernfs_new_node+0x9d/0x860
[ 1697.889424]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1697.890031]  ? map_id_range_down+0x1c4/0x340
[ 1697.890590]  ? projid_m_show+0x220/0x220
[ 1697.891116]  kernfs_new_node+0x18d/0x250
[ 1697.891637]  kernfs_create_dir_ns+0x49/0x160
[ 1697.892196]  sysfs_create_dir_ns+0x127/0x290
[ 1697.892730]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1697.893334]  ? rwlock_bug.part.0+0x90/0x90
[ 1697.893851]  ? net_namespace+0x9/0x40
[ 1697.894315]  ? device_namespace+0x95/0xd0
[ 1697.894823]  kobject_add_internal+0x25e/0xa30
[ 1697.895374]  kobject_add+0x150/0x1c0
[ 1697.895827]  ? kset_create_and_add+0x1a0/0x1a0
[ 1697.896385]  ? lockdep_init_map_type+0x2c7/0x780
[ 1697.896987]  device_add+0x35a/0x1c50
[ 1697.897442]  ? lockdep_init_map_type+0x2c7/0x780
[ 1697.898018]  ? devlink_add_symlinks+0x970/0x970
[ 1697.898591]  netdev_register_kobject+0x17a/0x3b0
[ 1697.899170]  register_netdevice+0xd6e/0x1480
[ 1697.899708]  ? netdev_change_features+0xb0/0xb0
[ 1697.900275]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1697.900807]  __tun_chr_ioctl+0x2156/0x3f60
[ 1697.901339]  ? lock_downgrade+0x6d0/0x6d0
[ 1697.901849]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1697.902437]  ? tun_chr_poll+0x700/0x700
[ 1697.902921]  ? wait_for_completion_io+0x270/0x270
[ 1697.903514]  ? selinux_file_ioctl+0xb6/0x270
[ 1697.904050]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1697.904597]  __x64_sys_ioctl+0x19a/0x210
[ 1697.905112]  do_syscall_64+0x33/0x40
[ 1697.905565]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1697.906187] RIP: 0033:0x7fc68ced6b19
[ 1697.906660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1697.908899] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1697.909827] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1697.910696] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1697.911562] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1697.912428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1697.913313] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:07:51 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)

20:08:05 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 27)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:08:05 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)

20:08:05 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:08:05 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 26)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1711.707324] FAULT_INJECTION: forcing a failure.
[ 1711.707324] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1711.709711] CPU: 1 PID: 9149 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1711.710540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1711.711542] Call Trace:
[ 1711.711870]  dump_stack+0x107/0x167
[ 1711.712320]  should_fail.cold+0x5/0xa
[ 1711.712790]  __alloc_pages_nodemask+0x182/0x600
[ 1711.717404]  ? __kmalloc_node+0x1ae/0x420
[ 1711.717911]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1711.718640]  ? mark_held_locks+0x9e/0xe0
[ 1711.719138]  ? trace_hardirqs_on+0x5b/0x180
[ 1711.719666]  alloc_pages_current+0x187/0x280
[ 1711.720206]  __vmalloc_node_range+0x60a/0x9e0
[ 1711.720758]  ? __vmalloc_node+0x110/0x110
[ 1711.721265]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1711.722688]  ? n_tty_open+0x16/0x170
[ 1711.723750]  __vmalloc_node+0xb5/0x110
[ 1711.724852]  ? n_tty_open+0x16/0x170
[ 1711.725947]  n_tty_open+0x16/0x170
[ 1711.726955]  ? n_tty_set_termios+0x1010/0x1010
[ 1711.728247]  tty_ldisc_open+0xa2/0x120
[ 1711.729365]  tty_ldisc_setup+0x43/0x100
[ 1711.730572]  tty_init_dev.part.0+0x1fa/0x610
[ 1711.731707]  ? pty_open+0x310/0x310
[ 1711.732671]  tty_init_dev+0x5b/0x80
[ 1711.733700]  ptmx_open+0x116/0x370
[ 1711.734614]  ? pty_open+0x310/0x310
[ 1711.735532]  chrdev_open+0x268/0x6e0
[ 1711.736414]  ? __unregister_chrdev+0x110/0x110
[ 1711.737555]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1711.738681]  do_dentry_open+0x4b7/0x1090
[ 1711.739650]  ? __unregister_chrdev+0x110/0x110
[ 1711.740737]  ? may_open+0x1e4/0x400
[ 1711.741514]  path_openat+0x19ba/0x2770
[ 1711.741996]  ? path_lookupat+0x860/0x860
[ 1711.742491]  ? lock_acquire+0x197/0x470
[ 1711.742991]  ? find_held_lock+0x2c/0x110
[ 1711.743493]  do_filp_open+0x190/0x3e0
[ 1711.743954]  ? may_open_dev+0xf0/0xf0
[ 1711.744426]  ? do_raw_spin_lock+0x121/0x260
20:08:05 executing program 0:
ftruncate(0xffffffffffffffff, 0x0)
sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, 0x0, 0x20044000)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000006c0)={&(0x7f0000000440)={0x94, 0x4, 0x8, 0x101, 0x0, 0x0, {0x0, 0x0, 0x5}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}, @CTA_TIMEOUT_DATA={0x4c, 0x4, 0x0, 0x1, @icmpv6=[@CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x5}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x6}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x100}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x8f9a}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x26d979bb}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x800}, 0x40)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000540)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000280)='asymmetric\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000340)='keyring\x00', 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x7, 0x0, 0x0, 0x0)
add_key$keyring(&(0x7f0000005040), &(0x7f0000005080)={'syz', 0x2}, 0x0, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x1)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000000)={0x0, 0x0, 0x6d}, 0x0, 0x0, &(0x7f0000000180)=""/109)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}]]}, 0x24}}, 0x0)
clone3(&(0x7f0000000ac0)={0x17412c500, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

20:08:05 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 7)

20:08:05 executing program 1:
fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000100)=0x1)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
write$binfmt_aout(r1, &(0x7f0000000500)={{0x0, 0x0, 0x6, 0x1dd, 0x82, 0x7, 0x9e, 0x3ff}, "bde9d30fd8c7cee54f2870f7ea1314325c3fc66f34f96d71e65e49c8243fac3aeedb200652d7ed507907c4019c9e1058d9f5325dd1c5f23ff43ec5a41714e281e8c78d7584a50d7559e67b9cc889fe4405b7a5f12b6dca474db5255a08274eab1c6c0b66e7ff92c0e44f0213a2f3ade756362324b3f259d6c71595306f8acd41027261655ed12778158e72ac50c546fac29a2d5455ad3d490065f2b9755b42cda83352c12fcfbc508f7a87a0978d4ae3162660bfbd58f833ff09569ab24f98ae7e000df6174e73558b0cc1b46a890b927a9b51827140d150960f4b78be8928dd364c5d54793cd94891823148187b065717e745", ['\x00', '\x00', '\x00', '\x00']}, 0x513)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r2, 0x8000000)
syz_io_uring_submit(r6, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r5, 0x0, 0x0}, 0x80000001)
io_uring_enter(r2, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:08:05 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 64)

[ 1711.744951]  ? rwlock_bug.part.0+0x90/0x90
[ 1711.745927]  ? _raw_spin_unlock+0x1a/0x30
[ 1711.746575]  ? alloc_fd+0x2e7/0x670
[ 1711.747153]  do_sys_openat2+0x171/0x4d0
[ 1711.747786]  ? build_open_flags+0x6f0/0x6f0
[ 1711.748463]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1711.749224]  ? wait_for_completion_io+0x270/0x270
[ 1711.749896]  __x64_sys_openat+0x13f/0x1f0
[ 1711.750442]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1711.750992]  ? ksys_write+0x1a9/0x260
[ 1711.751501]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1711.752184]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1711.752858]  do_syscall_64+0x33/0x40
[ 1711.753359]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1711.754166] RIP: 0033:0x7f05ed26ab19
[ 1711.754746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1711.757583] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1711.758592] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1711.759522] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1711.760450] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1711.761402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1711.762336] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1711.769826] FAULT_INJECTION: forcing a failure.
[ 1711.769826] name failslab, interval 1, probability 0, space 0, times 0
[ 1711.771361] CPU: 0 PID: 9148 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1711.772252] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1711.773318] Call Trace:
[ 1711.774157]  dump_stack+0x107/0x167
[ 1711.775281]  should_fail.cold+0x5/0xa
[ 1711.776489]  ? __kernfs_new_node+0xd4/0x860
[ 1711.777866]  should_failslab+0x5/0x20
[ 1711.779053]  kmem_cache_alloc+0x5b/0x310
[ 1711.780312]  __kernfs_new_node+0xd4/0x860
[ 1711.781615]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1711.783134]  ? map_id_range_down+0x1c4/0x340
[ 1711.784510]  ? projid_m_show+0x220/0x220
[ 1711.785758]  kernfs_new_node+0x18d/0x250
[ 1711.787061]  kernfs_create_dir_ns+0x49/0x160
[ 1711.788455]  sysfs_create_dir_ns+0x127/0x290
[ 1711.788706] FAULT_INJECTION: forcing a failure.
[ 1711.788706] name failslab, interval 1, probability 0, space 0, times 0
[ 1711.789720]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1711.789738]  ? rwlock_bug.part.0+0x90/0x90
[ 1711.789756]  ? net_namespace+0x9/0x40
[ 1711.789774]  ? device_namespace+0x95/0xd0
[ 1711.796212]  kobject_add_internal+0x25e/0xa30
[ 1711.797499]  kobject_add+0x150/0x1c0
[ 1711.798554]  ? kset_create_and_add+0x1a0/0x1a0
[ 1711.799849]  ? lockdep_init_map_type+0x2c7/0x780
[ 1711.801214]  device_add+0x35a/0x1c50
[ 1711.802284]  ? lockdep_init_map_type+0x2c7/0x780
[ 1711.803624]  ? devlink_add_symlinks+0x970/0x970
[ 1711.804947]  netdev_register_kobject+0x17a/0x3b0
[ 1711.806316]  register_netdevice+0xd6e/0x1480
[ 1711.807566]  ? netdev_change_features+0xb0/0xb0
[ 1711.808879]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1711.810125]  __tun_chr_ioctl+0x2156/0x3f60
[ 1711.811327]  ? lock_downgrade+0x6d0/0x6d0
[ 1711.812502]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1711.813850]  ? tun_chr_poll+0x700/0x700
[ 1711.814817]  ? wait_for_completion_io+0x270/0x270
[ 1711.815997]  ? selinux_file_ioctl+0xb6/0x270
[ 1711.817074]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1711.818315]  __x64_sys_ioctl+0x19a/0x210
[ 1711.819284]  do_syscall_64+0x33/0x40
[ 1711.820164]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1711.821398] RIP: 0033:0x7fc68ced6b19
[ 1711.822298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1711.827049] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1711.828852] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1711.830795] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1711.832534] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1711.834449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1711.836147] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1711.837644] CPU: 1 PID: 9158 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1711.838469] kobject_add_internal failed for veth0_vlan (error: -12 parent: net)
[ 1711.838530] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1711.840454] Call Trace:
[ 1711.840799]  dump_stack+0x107/0x167
[ 1711.841273]  should_fail.cold+0x5/0xa
[ 1711.841778]  ? create_object.isra.0+0x3a/0xa20
[ 1711.842377]  should_failslab+0x5/0x20
[ 1711.842872]  kmem_cache_alloc+0x5b/0x310
[ 1711.843404]  ? mark_held_locks+0x9e/0xe0
[ 1711.843939]  create_object.isra.0+0x3a/0xa20
[ 1711.844517]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1711.845184]  kmem_cache_alloc_bulk+0x168/0x320
[ 1711.845840]  io_submit_sqes+0x6fe6/0x8610
[ 1711.846481]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1711.847244]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1711.848009]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1711.848756]  ? lock_downgrade+0x6d0/0x6d0
[ 1711.849397]  ? find_held_lock+0x2c/0x110
[ 1711.850029]  ? io_submit_sqes+0x8610/0x8610
[ 1711.850703]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1711.851449]  ? wait_for_completion_io+0x270/0x270
[ 1711.852194]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1711.852911]  ? vfs_write+0x354/0xb10
[ 1711.853483]  ? fput_many+0x2f/0x1a0
[ 1711.854048]  ? ksys_write+0x1a9/0x260
[ 1711.854636]  ? __ia32_sys_read+0xb0/0xb0
[ 1711.855271]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1711.856077]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1711.856873]  do_syscall_64+0x33/0x40
[ 1711.857445]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1711.858233] RIP: 0033:0x7fb7d3ecdb19
[ 1711.858807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1711.861604] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1711.862770] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1711.863862] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1711.864956] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1711.865979] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 1711.866871] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1711.870205] ptm ptm1: ldisc open failed (-12), clearing slot 1
[ 1711.874234] FAULT_INJECTION: forcing a failure.
[ 1711.874234] name failslab, interval 1, probability 0, space 0, times 0
[ 1711.875763] CPU: 0 PID: 9151 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1711.876656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1711.878230] Call Trace:
[ 1711.878898]  dump_stack+0x107/0x167
[ 1711.879838]  should_fail.cold+0x5/0xa
[ 1711.880822]  ? __kernfs_new_node+0xd4/0x860
[ 1711.881669]  should_failslab+0x5/0x20
[ 1711.882169]  kmem_cache_alloc+0x5b/0x310
[ 1711.882716]  __kernfs_new_node+0xd4/0x860
[ 1711.883267]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1711.883899]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1711.884541]  ? wait_for_completion_io+0x270/0x270
[ 1711.885173]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1711.886579]  kernfs_new_node+0x18d/0x250
[ 1711.887641]  __kernfs_create_file+0x51/0x350
[ 1711.888813]  sysfs_add_file_mode_ns+0x221/0x560
[ 1711.890200]  internal_create_group+0x324/0xb30
[ 1711.891383]  ? sysfs_remove_group+0x170/0x170
[ 1711.892583]  ? kernfs_add_one+0x124/0x4d0
[ 1711.893792]  ? kernfs_create_link+0x1b7/0x230
[ 1711.894948]  internal_create_groups.part.0+0x90/0x140
[ 1711.896321]  sysfs_create_groups+0x25/0x50
[ 1711.897466]  device_add+0x7a9/0x1c50
[ 1711.898452]  ? lockdep_init_map_type+0x2c7/0x780
[ 1711.899738]  ? devlink_add_symlinks+0x970/0x970
[ 1711.900956]  netdev_register_kobject+0x17a/0x3b0
[ 1711.902277]  register_netdevice+0xd6e/0x1480
[ 1711.903419]  ? netdev_change_features+0xb0/0xb0
20:08:05 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)

[ 1711.904627]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1711.910064]  __tun_chr_ioctl+0x2156/0x3f60
[ 1711.911223]  ? lock_downgrade+0x6d0/0x6d0
[ 1711.912313]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1711.917503]  ? tun_chr_poll+0x700/0x700
[ 1711.918032]  ? wait_for_completion_io+0x270/0x270
[ 1711.918674]  ? selinux_file_ioctl+0xb6/0x270
[ 1711.919262]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1711.919851]  __x64_sys_ioctl+0x19a/0x210
[ 1711.920386]  do_syscall_64+0x33/0x40
[ 1711.920873]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1711.921579] RIP: 0033:0x7f7955930b19
[ 1711.922075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1711.924475] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1711.925487] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1711.926411] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1711.927356] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1711.928292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1711.929220] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:08:05 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x0, @fd_index=0x1, 0x8, 0x0, 0x0, 0x5, 0x0, {0x4001}}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:08:05 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 8)

[ 1712.105552] FAULT_INJECTION: forcing a failure.
[ 1712.105552] name failslab, interval 1, probability 0, space 0, times 0
[ 1712.107141] CPU: 0 PID: 9173 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1712.108032] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1712.109044] Call Trace:
20:08:05 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x0)

[ 1712.109433]  dump_stack+0x107/0x167
[ 1712.109916]  should_fail.cold+0x5/0xa
[ 1712.110407]  ? create_object.isra.0+0x3a/0xa20
[ 1712.111005]  should_failslab+0x5/0x20
[ 1712.111504]  kmem_cache_alloc+0x5b/0x310
[ 1712.112032]  ? mark_held_locks+0x9e/0xe0
[ 1712.112740]  create_object.isra.0+0x3a/0xa20
[ 1712.113318]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1712.114017]  kmem_cache_alloc_bulk+0x168/0x320
[ 1712.114621]  io_submit_sqes+0x6fe6/0x8610
[ 1712.115173]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1712.115830]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1712.116484]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1712.117130]  ? lock_downgrade+0x6d0/0x6d0
[ 1712.117704]  ? find_held_lock+0x2c/0x110
[ 1712.118242]  ? io_submit_sqes+0x8610/0x8610
[ 1712.118819]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1712.119458]  ? wait_for_completion_io+0x270/0x270
[ 1712.120093]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1712.120703]  ? vfs_write+0x354/0xb10
[ 1712.121192]  ? fput_many+0x2f/0x1a0
[ 1712.121702]  ? ksys_write+0x1a9/0x260
[ 1712.122206]  ? __ia32_sys_read+0xb0/0xb0
[ 1712.122744]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1712.123426]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1712.124098]  do_syscall_64+0x33/0x40
[ 1712.124593]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1712.125268] RIP: 0033:0x7fb7d3ecdb19
[ 1712.125775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1712.128142] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1712.129136] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1712.130078] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1712.131007] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1712.131941] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
20:08:05 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 27)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:08:05 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 65)

[ 1712.132871] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
20:08:05 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x40, 0x0, 0x0, 0x4304, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x5, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @mcast2, 0x0, 0x4}, 0x80, &(0x7f0000000840)=[{&(0x7f0000000300)="a63a", 0x2}, {0x0}, {0x0}], 0x33}, 0x0, 0x4008000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:08:05 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 28)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1712.188906] FAULT_INJECTION: forcing a failure.
[ 1712.188906] name failslab, interval 1, probability 0, space 0, times 0
[ 1712.191442] CPU: 1 PID: 9178 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1712.192346] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1712.193453] Call Trace:
[ 1712.193830]  dump_stack+0x107/0x167
[ 1712.194345]  should_fail.cold+0x5/0xa
[ 1712.194917]  ? __kernfs_new_node+0xd4/0x860
[ 1712.195555]  should_failslab+0x5/0x20
[ 1712.196063]  kmem_cache_alloc+0x5b/0x310
[ 1712.196601]  __kernfs_new_node+0xd4/0x860
[ 1712.197154]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1712.197806]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1712.198446]  ? wait_for_completion_io+0x270/0x270
[ 1712.199092]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1712.199788]  kernfs_new_node+0x18d/0x250
[ 1712.200328]  __kernfs_create_file+0x51/0x350
[ 1712.200909]  sysfs_add_file_mode_ns+0x221/0x560
[ 1712.201540]  internal_create_group+0x324/0xb30
[ 1712.202142]  ? sysfs_remove_group+0x170/0x170
[ 1712.202726]  ? kernfs_add_one+0x124/0x4d0
[ 1712.203309]  ? kernfs_create_link+0x1b7/0x230
[ 1712.203979]  internal_create_groups.part.0+0x90/0x140
[ 1712.204739]  sysfs_create_groups+0x25/0x50
[ 1712.205308]  device_add+0x7a9/0x1c50
[ 1712.205823]  ? lockdep_init_map_type+0x2c7/0x780
[ 1712.206450]  ? devlink_add_symlinks+0x970/0x970
[ 1712.207068]  netdev_register_kobject+0x17a/0x3b0
[ 1712.207684]  register_netdevice+0xd6e/0x1480
[ 1712.208256]  ? netdev_change_features+0xb0/0xb0
[ 1712.208867]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1712.209465]  __tun_chr_ioctl+0x2156/0x3f60
[ 1712.210032]  ? lock_downgrade+0x6d0/0x6d0
[ 1712.210583]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1712.211237]  ? tun_chr_poll+0x700/0x700
[ 1712.211828]  ? wait_for_completion_io+0x270/0x270
[ 1712.212545]  ? selinux_file_ioctl+0xb6/0x270
[ 1712.213126]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1712.213733]  __x64_sys_ioctl+0x19a/0x210
[ 1712.214272]  do_syscall_64+0x33/0x40
[ 1712.214754]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1712.215425] RIP: 0033:0x7f7955930b19
[ 1712.215884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1712.218291] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1712.219316] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1712.220300] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1712.221237] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1712.222186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1712.223118] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:08:05 executing program 1:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="b10039e80000006a3bfd54e0a74be38acc745345198710216c72936162b89e0e35aab62367e50e02cb54dc476d3103063fec2eb85c3b7d4b386fbbaf8fe53b17eae8ee2980450dc9769fec25c7a97920d98d57ad9838af007e0d57699bf12976d8571260767b6d48b6ac85e1eb173be4ee25e7b6f3ac90691e2e03e8", @ANYRESHEX=r6, @ANYBLOB=',msize=0x0000000000800003,\x00'])
getsockopt$inet_mreqn(r5, 0x0, 0x20, &(0x7f0000000340)={@broadcast, @remote}, &(0x7f0000000400)=0xc)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r8, r3, &(0x7f0000000300)=@IORING_OP_WRITE_FIXED={0x5, 0x2, 0x4004, @fd_index=0x401, 0x7, 0x3, 0x5}, 0x80)
syz_io_uring_submit(r8, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r4, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='trqn<\x00fd,rfdno=', @ANYRESHEX=r9, @ANYBLOB="a009e4283f3976ce2a94a9861d122e8133957556bead6d48018a13622a805068000000", @ANYRESHEX=r10, @ANYBLOB="2c8e73697a6d3d307830303030303030303066c3ac2b3030332c00"])
r11 = perf_event_open$cgroup(&(0x7f0000000200)={0x5, 0x80, 0x5, 0x40, 0x0, 0x2, 0x0, 0x3, 0x82, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x9, 0x1, @perf_config_ext={0x7f, 0x1f}, 0x20, 0x9, 0x81, 0x8, 0x8001, 0x401, 0xfffa, 0x0, 0xfff, 0x0, 0x7fff}, r9, 0x5, r0, 0x6)
ioctl$PERF_EVENT_IOC_DISABLE(r11, 0x2401, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f0000000140)={'vxcan1\x00'})
syz_io_uring_submit(r8, r3, &(0x7f0000000100)=@IORING_OP_NOP={0x0, 0x4}, 0x3)
mount$9p_fd(0x0, &(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0), 0x1, &(0x7f0000000380)=ANY=[@ANYBLOB='vno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 1712.256139] FAULT_INJECTION: forcing a failure.
[ 1712.256139] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1712.257873] CPU: 0 PID: 9185 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1712.258764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1712.259896] Call Trace:
[ 1712.260257]  dump_stack+0x107/0x167
[ 1712.260732]  should_fail.cold+0x5/0xa
[ 1712.261241]  __alloc_pages_nodemask+0x182/0x600
[ 1712.261877]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1712.262680]  ? mark_held_locks+0x9e/0xe0
[ 1712.263220]  ? trace_hardirqs_on+0x5b/0x180
[ 1712.263797]  alloc_pages_current+0x187/0x280
[ 1712.264382]  __vmalloc_node_range+0x60a/0x9e0
[ 1712.264979]  ? __vmalloc_node+0x110/0x110
[ 1712.265558]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1712.266212]  ? n_tty_open+0x16/0x170
[ 1712.266688]  __vmalloc_node+0xb5/0x110
[ 1712.267108]  ? n_tty_open+0x16/0x170
[ 1712.267504]  n_tty_open+0x16/0x170
[ 1712.267900]  ? n_tty_set_termios+0x1010/0x1010
[ 1712.268477]  tty_ldisc_open+0xa2/0x120
[ 1712.268985]  tty_ldisc_setup+0x43/0x100
[ 1712.269537]  tty_init_dev.part.0+0x1fa/0x610
[ 1712.270118]  ? pty_open+0x310/0x310
[ 1712.270604]  tty_init_dev+0x5b/0x80
[ 1712.271084]  ptmx_open+0x116/0x370
[ 1712.271572]  ? pty_open+0x310/0x310
[ 1712.272055]  chrdev_open+0x268/0x6e0
[ 1712.272531]  ? __unregister_chrdev+0x110/0x110
[ 1712.273134]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1712.273772]  do_dentry_open+0x4b7/0x1090
[ 1712.274317]  ? __unregister_chrdev+0x110/0x110
[ 1712.274908]  ? may_open+0x1e4/0x400
[ 1712.275397]  path_openat+0x19ba/0x2770
[ 1712.275920]  ? path_lookupat+0x860/0x860
[ 1712.276470]  ? lock_acquire+0x197/0x470
[ 1712.276987]  ? find_held_lock+0x2c/0x110
[ 1712.277569]  do_filp_open+0x190/0x3e0
[ 1712.278068]  ? may_open_dev+0xf0/0xf0
[ 1712.278598]  ? do_raw_spin_lock+0x121/0x260
[ 1712.279161]  ? rwlock_bug.part.0+0x90/0x90
[ 1712.279682]  ? _raw_spin_unlock+0x1a/0x30
[ 1712.280159]  ? alloc_fd+0x2e7/0x670
[ 1712.280656]  do_sys_openat2+0x171/0x4d0
[ 1712.281192]  ? build_open_flags+0x6f0/0x6f0
[ 1712.281786]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1712.282431]  ? wait_for_completion_io+0x270/0x270
[ 1712.283085]  __x64_sys_openat+0x13f/0x1f0
[ 1712.283633]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1712.284200]  ? ksys_write+0x1a9/0x260
[ 1712.284713]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1712.285423]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1712.286106]  do_syscall_64+0x33/0x40
[ 1712.286610]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1712.287292] RIP: 0033:0x7f05ed26ab19
[ 1712.287787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1712.290211] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1712.291206] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1712.292126] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1712.293057] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1712.294003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1712.294943] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1712.303495] FAULT_INJECTION: forcing a failure.
[ 1712.303495] name failslab, interval 1, probability 0, space 0, times 0
[ 1712.305059] CPU: 0 PID: 9181 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1712.305972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1712.307052] Call Trace:
[ 1712.307409]  dump_stack+0x107/0x167
[ 1712.307885]  should_fail.cold+0x5/0xa
[ 1712.308387]  ? create_object.isra.0+0x3a/0xa20
[ 1712.308988]  should_failslab+0x5/0x20
[ 1712.309516]  kmem_cache_alloc+0x5b/0x310
[ 1712.310050]  create_object.isra.0+0x3a/0xa20
[ 1712.310608]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1712.311257]  kmem_cache_alloc+0x159/0x310
[ 1712.311784]  __kernfs_new_node+0xd4/0x860
[ 1712.312325]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1712.312951]  ? map_id_range_down+0x1c4/0x340
[ 1712.313572]  ? projid_m_show+0x220/0x220
[ 1712.314122]  kernfs_new_node+0x18d/0x250
[ 1712.314625]  kernfs_create_dir_ns+0x49/0x160
[ 1712.315170]  sysfs_create_dir_ns+0x127/0x290
[ 1712.315749]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1712.316387]  ? rwlock_bug.part.0+0x90/0x90
[ 1712.316947]  ? net_namespace+0x9/0x40
[ 1712.317475]  ? device_namespace+0x95/0xd0
[ 1712.318025]  kobject_add_internal+0x25e/0xa30
[ 1712.318629]  kobject_add+0x150/0x1c0
[ 1712.319125]  ? kset_create_and_add+0x1a0/0x1a0
[ 1712.319738]  ? lockdep_init_map_type+0x2c7/0x780
[ 1712.320371]  device_add+0x35a/0x1c50
[ 1712.320862]  ? lockdep_init_map_type+0x2c7/0x780
[ 1712.321496]  ? devlink_add_symlinks+0x970/0x970
[ 1712.322116]  netdev_register_kobject+0x17a/0x3b0
[ 1712.322741]  register_netdevice+0xd6e/0x1480
[ 1712.323321]  ? netdev_change_features+0xb0/0xb0
[ 1712.323938]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1712.324509]  __tun_chr_ioctl+0x2156/0x3f60
20:08:05 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 9)

[ 1712.325071]  ? lock_downgrade+0x6d0/0x6d0
[ 1712.325650]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1712.326282]  ? tun_chr_poll+0x700/0x700
[ 1712.326799]  ? wait_for_completion_io+0x270/0x270
[ 1712.327428]  ? selinux_file_ioctl+0xb6/0x270
[ 1712.328154]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1712.328734]  __x64_sys_ioctl+0x19a/0x210
[ 1712.329264]  do_syscall_64+0x33/0x40
[ 1712.329789]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1712.330467] RIP: 0033:0x7fc68ced6b19
[ 1712.330956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1712.333329] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1712.334340] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1712.335273] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1712.336214] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1712.337143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1712.338096] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1712.369336] FAULT_INJECTION: forcing a failure.
[ 1712.369336] name failslab, interval 1, probability 0, space 0, times 0
[ 1712.371023] CPU: 1 PID: 9190 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1712.371918] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1712.372990] Call Trace:
[ 1712.373347]  dump_stack+0x107/0x167
[ 1712.373856]  should_fail.cold+0x5/0xa
[ 1712.374366]  ? create_object.isra.0+0x3a/0xa20
[ 1712.374969]  should_failslab+0x5/0x20
[ 1712.375471]  kmem_cache_alloc+0x5b/0x310
[ 1712.376009]  ? mark_held_locks+0x9e/0xe0
[ 1712.376553]  create_object.isra.0+0x3a/0xa20
[ 1712.377136]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1712.377827]  kmem_cache_alloc_bulk+0x168/0x320
[ 1712.378439]  io_submit_sqes+0x6fe6/0x8610
[ 1712.378992]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1712.379658]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1712.380315]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1712.380957]  ? lock_downgrade+0x6d0/0x6d0
[ 1712.381516]  ? find_held_lock+0x2c/0x110
[ 1712.382057]  ? io_submit_sqes+0x8610/0x8610
[ 1712.382637]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1712.383277]  ? wait_for_completion_io+0x270/0x270
[ 1712.383916]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1712.384531]  ? vfs_write+0x354/0xb10
[ 1712.385024]  ? fput_many+0x2f/0x1a0
[ 1712.385502]  ? ksys_write+0x1a9/0x260
[ 1712.385977]  ? __ia32_sys_read+0xb0/0xb0
[ 1712.386513]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1712.387200]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1712.387851]  do_syscall_64+0x33/0x40
[ 1712.388337]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1712.389007] RIP: 0033:0x7fb7d3ecdb19
[ 1712.389500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1712.391813] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1712.392808] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1712.393747] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1712.394674] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1712.395609] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 1712.396547] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1712.418735] ptm ptm0: ldisc open failed (-12), clearing slot 0
20:08:19 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x0)

20:08:19 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:08:19 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 10)

20:08:19 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 28)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:08:19 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 66)

20:08:19 executing program 1:
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:08:19 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 29)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:08:19 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r1, r0, 0x0)
perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x2}, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x6, 0x8, 0xf2, 0x7f, 0x0, 0x80000001, 0x2800, 0x6, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x2, @perf_config_ext={0x400000000000000, 0x3852}, 0x4100, 0x2, 0x9, 0x8, 0x1, 0x7a23e17f, 0x180, 0x0, 0x8}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x9)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0x0)
r3 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, r2)
add_key$keyring(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f0000000200)='keyring\x00', &(0x7f00000004c0)={'syz', 0x1}, &(0x7f0000000540)="18726d0eed55eaa57fc580dc3a0b12e0a5ee08da294ac8119c4c73f93694f2a935d17a81959d084839f846dca8739131e4a9c45c6509af44529537eae3b5a4793a9a0aacfd7a75f2b566b874939829b82a35d20d1985a92c5d7ba971251e89286f64438db33a7f05fb0d1707fd3fa27a56032a79c1d09558fbbfcb2e5f36d3e7e1c749ad35c2064fa087cf6359507a36eb69853e0cdd920cbb7586aedf5a2e5a9a1a6b8d11c08a14918b01d07c92179dfae1ef58835b5fa4be28fbd3b3eac1c9f3cf74fbe25748c55d23902439133eecfafb2e0f", 0xd4, 0xfffffffffffffffa)
add_key$keyring(&(0x7f0000000140), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, r3)
add_key$keyring(&(0x7f0000000740), &(0x7f0000000780)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffa)
sendmsg$NL80211_CMD_REQ_SET_REG(r1, &(0x7f0000000440)={&(0x7f0000000000), 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x3c, 0x0, 0x100, 0x0, 0x25dfdbfe, {}, [@NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'a\x00'}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x11}, @NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'a\x00'}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x41}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'bb\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24004000}, 0x20000010)
getsockopt(0xffffffffffffffff, 0x6, 0x8, &(0x7f0000000880)=""/237, &(0x7f00000006c0)=0xed)
keyctl$revoke(0x3, 0x0)
perf_event_open(&(0x7f00000007c0)={0x0, 0x80, 0x2, 0x4, 0xf9, 0xd8, 0x0, 0x38000000000000, 0x44, 0x3, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x78c600e1, 0x1, @perf_bp={&(0x7f0000000480), 0x9}, 0x42, 0xb408, 0x6, 0x0, 0xffffffffffffff02, 0x8001, 0x5, 0x0, 0x8, 0x0, 0x5}, 0x0, 0x4, 0xffffffffffffffff, 0xa)
unshare(0x48020200)

[ 1725.956639] FAULT_INJECTION: forcing a failure.
[ 1725.956639] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1725.960097] CPU: 1 PID: 9205 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1725.962178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1725.964287] Call Trace:
[ 1725.964910]  dump_stack+0x107/0x167
[ 1725.965851]  should_fail.cold+0x5/0xa
[ 1725.967009]  __alloc_pages_nodemask+0x182/0x600
[ 1725.968181]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1725.969760]  ? mark_held_locks+0x9e/0xe0
[ 1725.970979]  ? trace_hardirqs_on+0x5b/0x180
[ 1725.972051]  alloc_pages_current+0x187/0x280
[ 1725.973134]  __vmalloc_node_range+0x60a/0x9e0
[ 1725.974427]  ? __vmalloc_node+0x110/0x110
[ 1725.975473]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1725.976722]  ? __schedule+0x82c/0x1ea0
[ 1725.977737]  ? n_tty_open+0x16/0x170
[ 1725.978831]  __vmalloc_node+0xb5/0x110
[ 1725.979789]  ? n_tty_open+0x16/0x170
[ 1725.980710]  n_tty_open+0x16/0x170
[ 1725.981616]  ? n_tty_set_termios+0x1010/0x1010
[ 1725.982925]  tty_ldisc_open+0xa2/0x120
[ 1725.983909]  tty_ldisc_setup+0x43/0x100
[ 1725.986930]  tty_init_dev.part.0+0x1fa/0x610
[ 1725.988011]  ? pty_open+0x310/0x310
[ 1725.988908]  tty_init_dev+0x5b/0x80
[ 1725.989843]  ptmx_open+0x116/0x370
[ 1725.990926]  ? pty_open+0x310/0x310
[ 1725.991847]  chrdev_open+0x268/0x6e0
[ 1725.992790]  ? __unregister_chrdev+0x110/0x110
[ 1725.993641]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1725.994765]  do_dentry_open+0x4b7/0x1090
[ 1725.995797]  ? __unregister_chrdev+0x110/0x110
[ 1725.996942]  ? may_open+0x1e4/0x400
[ 1725.997901]  path_openat+0x19ba/0x2770
[ 1725.998896]  ? path_lookupat+0x860/0x860
[ 1725.999922]  ? lock_acquire+0x197/0x470
[ 1726.000922]  ? find_held_lock+0x2c/0x110
[ 1726.001983]  do_filp_open+0x190/0x3e0
[ 1726.002953]  ? may_open_dev+0xf0/0xf0
[ 1726.003907]  ? do_raw_spin_lock+0x121/0x260
[ 1726.005180]  ? rwlock_bug.part.0+0x90/0x90
[ 1726.006356]  ? _raw_spin_unlock+0x1a/0x30
[ 1726.007468]  ? alloc_fd+0x2e7/0x670
[ 1726.008403]  do_sys_openat2+0x171/0x4d0
[ 1726.009414]  ? build_open_flags+0x6f0/0x6f0
[ 1726.010647]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1726.011860]  ? wait_for_completion_io+0x270/0x270
[ 1726.013062]  __x64_sys_openat+0x13f/0x1f0
[ 1726.014164]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1726.015294]  ? ksys_write+0x1a9/0x260
[ 1726.016260]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1726.017584]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1726.019060]  do_syscall_64+0x33/0x40
[ 1726.020010]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1726.021307] RIP: 0033:0x7f05ed26ab19
[ 1726.022322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1726.027263] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1726.029133] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1726.031135] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1726.032989] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1726.034368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1726.035282] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1726.042491] ptm ptm0: ldisc open failed (-12), clearing slot 0
[ 1726.048687] FAULT_INJECTION: forcing a failure.
[ 1726.048687] name failslab, interval 1, probability 0, space 0, times 0
[ 1726.049194] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9206 comm=syz-executor.0
[ 1726.050153] CPU: 1 PID: 9210 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1726.052392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1726.053399] Call Trace:
[ 1726.053722]  dump_stack+0x107/0x167
[ 1726.054331] FAULT_INJECTION: forcing a failure.
[ 1726.054331] name failslab, interval 1, probability 0, space 0, times 0
[ 1726.054624]  should_fail.cold+0x5/0xa
[ 1726.057116]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1726.058203]  should_failslab+0x5/0x20
[ 1726.058668]  kmem_cache_alloc+0x5b/0x310
[ 1726.059172]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1726.059854]  idr_get_free+0x4b5/0x8f0
[ 1726.060331]  idr_alloc_u32+0x170/0x2d0
[ 1726.060809]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1726.061399]  ? lock_acquire+0x197/0x470
[ 1726.061951]  ? __kernfs_new_node+0xff/0x860
[ 1726.062489]  idr_alloc_cyclic+0x102/0x230
[ 1726.062994]  ? idr_alloc+0x130/0x130
[ 1726.063449]  ? rwlock_bug.part.0+0x90/0x90
[ 1726.063974]  __kernfs_new_node+0x117/0x860
[ 1726.064493]  ? mark_held_locks+0x9e/0xe0
[ 1726.064989]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1726.065568]  ? trace_hardirqs_on+0x5b/0x180
[ 1726.066107]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1726.066778]  kernfs_new_node+0x18d/0x250
[ 1726.067279]  __kernfs_create_file+0x51/0x350
[ 1726.067817]  sysfs_add_file_mode_ns+0x221/0x560
[ 1726.068387]  ? internal_create_group+0x367/0xb30
[ 1726.068964]  internal_create_group+0x324/0xb30
[ 1726.069526]  ? sysfs_remove_group+0x170/0x170
[ 1726.070084]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1726.070751]  internal_create_groups.part.0+0x90/0x140
[ 1726.071383]  sysfs_create_groups+0x25/0x50
[ 1726.071897]  device_add+0x7a9/0x1c50
[ 1726.072355]  ? lockdep_init_map_type+0x2c7/0x780
[ 1726.072930]  ? devlink_add_symlinks+0x970/0x970
[ 1726.073508]  netdev_register_kobject+0x17a/0x3b0
[ 1726.074121]  register_netdevice+0xd6e/0x1480
[ 1726.074685]  ? netdev_change_features+0xb0/0xb0
[ 1726.075281]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1726.075815]  __tun_chr_ioctl+0x2156/0x3f60
[ 1726.076334]  ? lock_downgrade+0x6d0/0x6d0
[ 1726.076839]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1726.077428]  ? tun_chr_poll+0x700/0x700
[ 1726.077926]  ? wait_for_completion_io+0x270/0x270
[ 1726.078524]  ? selinux_file_ioctl+0xb6/0x270
[ 1726.079064]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1726.079613]  __x64_sys_ioctl+0x19a/0x210
[ 1726.080117]  do_syscall_64+0x33/0x40
[ 1726.080570]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1726.081194] RIP: 0033:0x7f7955930b19
[ 1726.081646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1726.083902] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1726.084828] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1726.085695] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1726.086573] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1726.087440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1726.088344] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1726.089278] CPU: 0 PID: 9214 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1726.090155] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1726.091167] Call Trace:
[ 1726.091505]  dump_stack+0x107/0x167
[ 1726.091958]  should_fail.cold+0x5/0xa
[ 1726.092437]  should_failslab+0x5/0x20
[ 1726.092904]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1726.093461]  io_submit_sqes+0x6fe6/0x8610
[ 1726.098025]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1726.098630]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1726.099217]  ? lock_downgrade+0x6d0/0x6d0
[ 1726.099723]  ? find_held_lock+0x2c/0x110
[ 1726.100217]  ? io_submit_sqes+0x8610/0x8610
[ 1726.100747]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1726.101334]  ? wait_for_completion_io+0x270/0x270
[ 1726.101937]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1726.102508]  ? vfs_write+0x354/0xb10
[ 1726.102959]  ? fput_many+0x2f/0x1a0
[ 1726.103402]  ? ksys_write+0x1a9/0x260
[ 1726.103863]  ? __ia32_sys_read+0xb0/0xb0
[ 1726.104359]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1726.104992]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1726.105617]  do_syscall_64+0x33/0x40
[ 1726.106084]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1726.106705] RIP: 0033:0x7fb7d3ecdb19
[ 1726.107158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1726.109378] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1726.110316] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1726.111177] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1726.112041] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1726.112902] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1726.113765] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1726.128146] FAULT_INJECTION: forcing a failure.
[ 1726.128146] name failslab, interval 1, probability 0, space 0, times 0
[ 1726.129731] CPU: 1 PID: 9213 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1726.130595] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1726.131608] Call Trace:
[ 1726.131934]  dump_stack+0x107/0x167
[ 1726.132399]  should_fail.cold+0x5/0xa
[ 1726.132889]  ? __kernfs_new_node+0xd4/0x860
[ 1726.133440]  should_failslab+0x5/0x20
[ 1726.133961]  kmem_cache_alloc+0x5b/0x310
[ 1726.134461]  __kernfs_new_node+0xd4/0x860
[ 1726.134970]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1726.135552]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1726.136190]  ? kernfs_add_one+0x124/0x4d0
[ 1726.136704]  kernfs_new_node+0x18d/0x250
[ 1726.137203]  __kernfs_create_file+0x51/0x350
[ 1726.137741]  sysfs_add_file_mode_ns+0x221/0x560
[ 1726.138332]  sysfs_create_file_ns+0x131/0x1d0
[ 1726.138879]  ? sysfs_add_file_mode_ns+0x560/0x560
[ 1726.139472]  ? is_acpi_device_node+0x6e/0x90
[ 1726.140010]  device_create_file+0xea/0x1d0
[ 1726.140525]  device_add+0x547/0x1c50
[ 1726.140980]  ? lockdep_init_map_type+0x2c7/0x780
[ 1726.141554]  ? devlink_add_symlinks+0x970/0x970
[ 1726.142161]  netdev_register_kobject+0x17a/0x3b0
[ 1726.142739]  register_netdevice+0xd6e/0x1480
[ 1726.143285]  ? netdev_change_features+0xb0/0xb0
[ 1726.143851]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1726.144384]  __tun_chr_ioctl+0x2156/0x3f60
[ 1726.144900]  ? lock_downgrade+0x6d0/0x6d0
[ 1726.145407]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1726.146011]  ? tun_chr_poll+0x700/0x700
[ 1726.146497]  ? wait_for_completion_io+0x270/0x270
[ 1726.147097]  ? selinux_file_ioctl+0xb6/0x270
[ 1726.147640]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1726.148191]  __x64_sys_ioctl+0x19a/0x210
[ 1726.148709]  do_syscall_64+0x33/0x40
[ 1726.149182]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1726.149831] RIP: 0033:0x7fc68ced6b19
[ 1726.150298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1726.152524] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1726.153454] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1726.154332] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1726.155196] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1726.156059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1726.156922] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:08:19 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 11)

20:08:19 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 67)

[ 1726.224674] FAULT_INJECTION: forcing a failure.
20:08:19 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x0)

[ 1726.224674] name failslab, interval 1, probability 0, space 0, times 0
[ 1726.230211] CPU: 0 PID: 9222 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1726.231046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1726.232072] Call Trace:
[ 1726.232428]  dump_stack+0x107/0x167
[ 1726.232901]  should_fail.cold+0x5/0xa
[ 1726.233399]  ? memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1726.238099]  should_failslab+0x5/0x20
[ 1726.238585]  __kmalloc_node+0x76/0x420
[ 1726.239062]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1726.239686]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 1726.240298]  kmem_cache_alloc_bulk+0x182/0x320
[ 1726.240857]  io_submit_sqes+0x6fe6/0x8610
[ 1726.241365]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1726.241989]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1726.242596]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1726.243186]  ? lock_downgrade+0x6d0/0x6d0
[ 1726.243689]  ? find_held_lock+0x2c/0x110
[ 1726.244186]  ? io_submit_sqes+0x8610/0x8610
[ 1726.244718]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1726.245308]  ? wait_for_completion_io+0x270/0x270
[ 1726.245908]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1726.246479]  ? vfs_write+0x354/0xb10
[ 1726.246953]  ? fput_many+0x2f/0x1a0
[ 1726.247417]  ? ksys_write+0x1a9/0x260
[ 1726.247901]  ? __ia32_sys_read+0xb0/0xb0
[ 1726.248421]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1726.249086]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1726.249718]  do_syscall_64+0x33/0x40
[ 1726.250188]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1726.250811] RIP: 0033:0x7fb7d3ecdb19
[ 1726.251267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1726.253585] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1726.254540] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1726.255405] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1726.256273] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1726.257139] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1726.258027] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1726.273423] FAULT_INJECTION: forcing a failure.
[ 1726.273423] name failslab, interval 1, probability 0, space 0, times 0
[ 1726.275066] CPU: 1 PID: 9224 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1726.275900] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1726.276909] Call Trace:
[ 1726.277239]  dump_stack+0x107/0x167
[ 1726.277685]  should_fail.cold+0x5/0xa
[ 1726.278194]  ? create_object.isra.0+0x3a/0xa20
[ 1726.278754]  should_failslab+0x5/0x20
[ 1726.279219]  kmem_cache_alloc+0x5b/0x310
[ 1726.279718]  create_object.isra.0+0x3a/0xa20
[ 1726.280254]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1726.280874]  kmem_cache_alloc+0x159/0x310
[ 1726.281386]  __kernfs_new_node+0xd4/0x860
[ 1726.281911]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1726.282499]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1726.283087]  ? wait_for_completion_io+0x270/0x270
[ 1726.283676]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1726.284318]  kernfs_new_node+0x18d/0x250
[ 1726.284815]  __kernfs_create_file+0x51/0x350
[ 1726.285353]  sysfs_add_file_mode_ns+0x221/0x560
[ 1726.285937]  internal_create_group+0x324/0xb30
[ 1726.286501]  ? sysfs_remove_group+0x170/0x170
[ 1726.287046]  ? kernfs_add_one+0x124/0x4d0
[ 1726.287552]  ? kernfs_create_link+0x1b7/0x230
[ 1726.288100]  internal_create_groups.part.0+0x90/0x140
[ 1726.288726]  sysfs_create_groups+0x25/0x50
[ 1726.289241]  device_add+0x7a9/0x1c50
[ 1726.289698]  ? lockdep_init_map_type+0x2c7/0x780
[ 1726.290296]  ? devlink_add_symlinks+0x970/0x970
[ 1726.290877]  netdev_register_kobject+0x17a/0x3b0
[ 1726.291456]  register_netdevice+0xd6e/0x1480
[ 1726.291994]  ? netdev_change_features+0xb0/0xb0
[ 1726.292563]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1726.293096]  __tun_chr_ioctl+0x2156/0x3f60
[ 1726.293613]  ? lock_downgrade+0x6d0/0x6d0
[ 1726.294136]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1726.294723]  ? tun_chr_poll+0x700/0x700
[ 1726.295209]  ? wait_for_completion_io+0x270/0x270
[ 1726.295804]  ? selinux_file_ioctl+0xb6/0x270
[ 1726.296344]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1726.296892]  __x64_sys_ioctl+0x19a/0x210
[ 1726.297388]  do_syscall_64+0x33/0x40
[ 1726.297849]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1726.298482] RIP: 0033:0x7f7955930b19
[ 1726.298936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1726.301172] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1726.302121] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1726.302986] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1726.303852] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1726.304718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1726.305584] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1726.310305] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9206 comm=syz-executor.0
20:08:19 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 29)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:08:19 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r4, 0x0)
r6 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r6, &(0x7f0000000280)=ANY=[], 0xfdef)
clone3(&(0x7f0000000280)={0x0, &(0x7f0000000000), 0x0, 0x0, {}, &(0x7f0000000140)=""/133, 0x85, 0x0, 0x0, 0x0, {r6}}, 0x58)
syz_io_uring_complete(r5)
ioctl$EXT4_IOC_SWAP_BOOT(r4, 0x6611)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r7, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:08:19 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 30)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1726.363758] FAULT_INJECTION: forcing a failure.
[ 1726.363758] name failslab, interval 1, probability 0, space 0, times 0
[ 1726.365337] CPU: 1 PID: 9232 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1726.366090] FAULT_INJECTION: forcing a failure.
[ 1726.366090] name failslab, interval 1, probability 0, space 0, times 0
[ 1726.366194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1726.366206] Call Trace:
[ 1726.368887]  dump_stack+0x107/0x167
[ 1726.369336]  should_fail.cold+0x5/0xa
[ 1726.369803]  ? create_object.isra.0+0x3a/0xa20
[ 1726.370423]  should_failslab+0x5/0x20
[ 1726.370885]  kmem_cache_alloc+0x5b/0x310
[ 1726.371390]  create_object.isra.0+0x3a/0xa20
[ 1726.371923]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1726.372543]  kmem_cache_alloc+0x159/0x310
[ 1726.373056]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1726.373735]  idr_get_free+0x4b5/0x8f0
[ 1726.374230]  idr_alloc_u32+0x170/0x2d0
[ 1726.374706]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1726.375297]  ? lock_acquire+0x197/0x470
[ 1726.375781]  ? __kernfs_new_node+0xff/0x860
[ 1726.376314]  idr_alloc_cyclic+0x102/0x230
[ 1726.376817]  ? idr_alloc+0x130/0x130
[ 1726.377277]  ? rwlock_bug.part.0+0x90/0x90
[ 1726.377799]  __kernfs_new_node+0x117/0x860
[ 1726.378338]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1726.378920]  ? map_id_range_down+0x1c4/0x340
[ 1726.379459]  ? projid_m_show+0x220/0x220
[ 1726.379962]  kernfs_new_node+0x18d/0x250
[ 1726.380470]  kernfs_create_dir_ns+0x49/0x160
[ 1726.381006]  sysfs_create_dir_ns+0x127/0x290
[ 1726.381543]  ? sysfs_create_mount_point+0xb0/0xb0
[ 1726.382147]  ? rwlock_bug.part.0+0x90/0x90
[ 1726.382687]  ? net_namespace+0x9/0x40
[ 1726.383173]  ? device_namespace+0x95/0xd0
[ 1726.383679]  kobject_add_internal+0x25e/0xa30
[ 1726.384233]  kobject_add+0x150/0x1c0
[ 1726.384686]  ? kset_create_and_add+0x1a0/0x1a0
[ 1726.385247]  ? lockdep_init_map_type+0x2c7/0x780
[ 1726.385832]  device_add+0x35a/0x1c50
[ 1726.386308]  ? lockdep_init_map_type+0x2c7/0x780
[ 1726.386883]  ? devlink_add_symlinks+0x970/0x970
[ 1726.387460]  netdev_register_kobject+0x17a/0x3b0
[ 1726.388041]  register_netdevice+0xd6e/0x1480
[ 1726.388581]  ? netdev_change_features+0xb0/0xb0
[ 1726.389152]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1726.389685]  __tun_chr_ioctl+0x2156/0x3f60
[ 1726.390226]  ? lock_downgrade+0x6d0/0x6d0
[ 1726.390735]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1726.391324]  ? tun_chr_poll+0x700/0x700
[ 1726.391832]  ? wait_for_completion_io+0x270/0x270
[ 1726.392456]  ? selinux_file_ioctl+0xb6/0x270
[ 1726.393023]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1726.393599]  __x64_sys_ioctl+0x19a/0x210
[ 1726.394122]  do_syscall_64+0x33/0x40
[ 1726.394575]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1726.395200] RIP: 0033:0x7fc68ced6b19
[ 1726.395653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1726.397893] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1726.398820] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1726.399687] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1726.400553] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1726.401419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1726.402307] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1726.403200] CPU: 0 PID: 9230 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1726.404057] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1726.405066] Call Trace:
[ 1726.405401]  dump_stack+0x107/0x167
[ 1726.405944]  should_fail.cold+0x5/0xa
[ 1726.406492]  ? create_object.isra.0+0x3a/0xa20
[ 1726.407054]  should_failslab+0x5/0x20
[ 1726.407521]  kmem_cache_alloc+0x5b/0x310
[ 1726.408022]  create_object.isra.0+0x3a/0xa20
[ 1726.408564]  kmemleak_vmalloc+0x49/0x120
[ 1726.409065]  __vmalloc_node_range+0x574/0x9e0
[ 1726.409620]  ? __vmalloc_node+0x110/0x110
[ 1726.410145]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1726.410882]  ? n_tty_open+0x16/0x170
[ 1726.411339]  __vmalloc_node+0xb5/0x110
[ 1726.411811]  ? n_tty_open+0x16/0x170
[ 1726.412268]  n_tty_open+0x16/0x170
[ 1726.412701]  ? n_tty_set_termios+0x1010/0x1010
[ 1726.413257]  tty_ldisc_open+0xa2/0x120
[ 1726.413733]  tty_ldisc_setup+0x43/0x100
[ 1726.414234]  tty_init_dev.part.0+0x1fa/0x610
[ 1726.414772]  ? pty_open+0x310/0x310
[ 1726.415213]  tty_init_dev+0x5b/0x80
[ 1726.415659]  ptmx_open+0x116/0x370
[ 1726.416094]  ? pty_open+0x310/0x310
[ 1726.416539]  chrdev_open+0x268/0x6e0
[ 1726.417120]  ? __unregister_chrdev+0x110/0x110
[ 1726.417680]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1726.418271]  do_dentry_open+0x4b7/0x1090
[ 1726.418767]  ? __unregister_chrdev+0x110/0x110
[ 1726.419323]  ? may_open+0x1e4/0x400
[ 1726.419767]  path_openat+0x19ba/0x2770
[ 1726.420250]  ? path_lookupat+0x860/0x860
[ 1726.420749]  ? lock_acquire+0x197/0x470
[ 1726.421233]  ? find_held_lock+0x2c/0x110
[ 1726.421737]  do_filp_open+0x190/0x3e0
[ 1726.422217]  ? may_open_dev+0xf0/0xf0
[ 1726.422694]  ? do_raw_spin_lock+0x121/0x260
[ 1726.423225]  ? rwlock_bug.part.0+0x90/0x90
[ 1726.423747]  ? _raw_spin_unlock+0x1a/0x30
[ 1726.424259]  ? alloc_fd+0x2e7/0x670
[ 1726.424711]  do_sys_openat2+0x171/0x4d0
[ 1726.425202]  ? build_open_flags+0x6f0/0x6f0
[ 1726.425727]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1726.426333]  ? wait_for_completion_io+0x270/0x270
[ 1726.426925]  __x64_sys_openat+0x13f/0x1f0
[ 1726.427435]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1726.427948]  ? ksys_write+0x1a9/0x260
[ 1726.428427]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1726.429073]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1726.429709]  do_syscall_64+0x33/0x40
[ 1726.430178]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1726.430803] RIP: 0033:0x7f05ed26ab19
[ 1726.431262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1726.433491] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1726.435262] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1726.436942] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1726.438796] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1726.440809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1726.442293] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
20:08:19 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 1)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:08:19 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 12)

[ 1726.526927] FAULT_INJECTION: forcing a failure.
[ 1726.526927] name failslab, interval 1, probability 0, space 0, times 0
[ 1726.528396] CPU: 0 PID: 9238 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1726.529226] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1726.530258] Call Trace:
[ 1726.530589]  dump_stack+0x107/0x167
[ 1726.531034]  should_fail.cold+0x5/0xa
[ 1726.531503]  ? getname_flags.part.0+0x50/0x4f0
[ 1726.532060]  should_failslab+0x5/0x20
[ 1726.532526]  kmem_cache_alloc+0x5b/0x310
[ 1726.533025]  getname_flags.part.0+0x50/0x4f0
[ 1726.533562]  getname+0x8e/0xd0
[ 1726.534002]  do_sys_openat2+0xf9/0x4d0
[ 1726.534483]  ? build_open_flags+0x6f0/0x6f0
[ 1726.535009]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1726.535599]  ? wait_for_completion_io+0x270/0x270
[ 1726.536190]  __x64_sys_openat+0x13f/0x1f0
[ 1726.536694]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1726.537207]  ? ksys_write+0x1a9/0x260
[ 1726.537678]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1726.538332]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1726.538957]  do_syscall_64+0x33/0x40
[ 1726.539412]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1726.540033] RIP: 0033:0x7f7574521b19
[ 1726.540487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1726.542796] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1726.543724] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1726.544589] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1726.545457] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1726.546339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1726.547206] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1726.564738] FAULT_INJECTION: forcing a failure.
[ 1726.564738] name failslab, interval 1, probability 0, space 0, times 0
[ 1726.567739] CPU: 0 PID: 9240 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1726.569348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1726.570630] Call Trace:
[ 1726.570958]  dump_stack+0x107/0x167
[ 1726.571405]  should_fail.cold+0x5/0xa
[ 1726.571872]  ? create_object.isra.0+0x3a/0xa20
[ 1726.572432]  should_failslab+0x5/0x20
[ 1726.572907]  kmem_cache_alloc+0x5b/0x310
[ 1726.573405]  ? find_held_lock+0x2c/0x110
[ 1726.573977]  create_object.isra.0+0x3a/0xa20
[ 1726.575010]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1726.576205]  __kmalloc_node+0x1ae/0x420
[ 1726.577140]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1726.578482]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 1726.579687]  kmem_cache_alloc_bulk+0x182/0x320
[ 1726.580790]  io_submit_sqes+0x6fe6/0x8610
[ 1726.581789]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1726.582452]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1726.583071]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1726.583661]  ? lock_downgrade+0x6d0/0x6d0
[ 1726.584167]  ? find_held_lock+0x2c/0x110
[ 1726.584666]  ? io_submit_sqes+0x8610/0x8610
[ 1726.585201]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1726.585792]  ? wait_for_completion_io+0x270/0x270
[ 1726.587112]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1726.588230]  ? vfs_write+0x354/0xb10
[ 1726.589123]  ? fput_many+0x2f/0x1a0
[ 1726.590042]  ? ksys_write+0x1a9/0x260
[ 1726.590933]  ? __ia32_sys_read+0xb0/0xb0
[ 1726.591883]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1726.593122]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1726.594442]  do_syscall_64+0x33/0x40
[ 1726.595333]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1726.596566] RIP: 0033:0x7fb7d3ecdb19
[ 1726.597456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1726.602704] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1726.604500] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1726.606260] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1726.607984] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1726.609708] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1726.611734] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1740.211864] FAULT_INJECTION: forcing a failure.
[ 1740.211864] name failslab, interval 1, probability 0, space 0, times 0
[ 1740.213334] CPU: 0 PID: 9255 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1740.214163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1740.215243] Call Trace:
[ 1740.215591]  dump_stack+0x107/0x167
[ 1740.216074]  should_fail.cold+0x5/0xa
[ 1740.216574]  ? __get_vm_area_node+0xd4/0x340
[ 1740.217141]  should_failslab+0x5/0x20
[ 1740.217642]  kmem_cache_alloc_node_trace+0x59/0x340
[ 1740.218304]  __get_vm_area_node+0xd4/0x340
[ 1740.218887]  __vmalloc_node_range+0x13f/0x9e0
[ 1740.219477]  ? n_tty_open+0x16/0x170
[ 1740.219968]  ? n_tty_open+0x16/0x170
[ 1740.220470]  ? __vmalloc_node+0x110/0x110
[ 1740.221021]  ? up_write+0x191/0x550
[ 1740.221510]  ? down_write_killable+0x180/0x180
[ 1740.222114]  ? n_tty_open+0x16/0x170
[ 1740.222623]  __vmalloc_node+0xb5/0x110
[ 1740.223137]  ? n_tty_open+0x16/0x170
[ 1740.223633]  n_tty_open+0x16/0x170
[ 1740.224100]  ? n_tty_set_termios+0x1010/0x1010
[ 1740.224697]  tty_ldisc_open+0xa2/0x120
[ 1740.225213]  tty_ldisc_setup+0x90/0x100
[ 1740.225737]  tty_init_dev.part.0+0x1fa/0x610
[ 1740.226320]  ? pty_open+0x310/0x310
[ 1740.226807]  tty_init_dev+0x5b/0x80
[ 1740.227289]  ptmx_open+0x116/0x370
[ 1740.227754]  ? pty_open+0x310/0x310
[ 1740.228233]  chrdev_open+0x268/0x6e0
[ 1740.228725]  ? __unregister_chrdev+0x110/0x110
[ 1740.229328]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1740.229941]  do_dentry_open+0x4b7/0x1090
[ 1740.230493]  ? __unregister_chrdev+0x110/0x110
[ 1740.231089]  ? may_open+0x1e4/0x400
[ 1740.231576]  path_openat+0x19ba/0x2770
[ 1740.232096]  ? path_lookupat+0x860/0x860
[ 1740.232635]  ? lock_acquire+0x197/0x470
[ 1740.242578]  ? find_held_lock+0x2c/0x110
[ 1740.243123]  do_filp_open+0x190/0x3e0
[ 1740.243618]  ? may_open_dev+0xf0/0xf0
[ 1740.244134]  ? do_raw_spin_lock+0x121/0x260
[ 1740.244702]  ? rwlock_bug.part.0+0x90/0x90
[ 1740.245270]  ? _raw_spin_unlock+0x1a/0x30
[ 1740.245815]  ? alloc_fd+0x2e7/0x670
[ 1740.246305]  do_sys_openat2+0x171/0x4d0
[ 1740.246855]  ? build_open_flags+0x6f0/0x6f0
[ 1740.247422]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1740.248060]  ? wait_for_completion_io+0x270/0x270
[ 1740.248702]  __x64_sys_openat+0x13f/0x1f0
[ 1740.249246]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1740.249799]  ? ksys_write+0x1a9/0x260
[ 1740.250306]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1740.251010]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1740.251688]  do_syscall_64+0x33/0x40
[ 1740.252173]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1740.252837] RIP: 0033:0x7f05ed26ab19
[ 1740.253327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1740.255709] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1740.256632] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1740.257492] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1740.258371] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1740.259301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1740.260235] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1740.262275] syz-executor.5: vmalloc: allocation failure: 9120 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0
[ 1740.265428] CPU: 0 PID: 9255 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1740.266330] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1740.271458] Call Trace:
[ 1740.271822]  dump_stack+0x107/0x167
[ 1740.272322]  warn_alloc.cold+0x95/0x18a
[ 1740.272871]  ? zone_watermark_ok_safe+0x260/0x260
[ 1740.273525]  ? __get_vm_area_node+0xd4/0x340
[ 1740.274131]  ? __kasan_kmalloc.constprop.0+0xa2/0xd0
[ 1740.274827]  ? __get_vm_area_node+0x262/0x340
[ 1740.275449]  __vmalloc_node_range+0x58f/0x9e0
[ 1740.276050]  ? n_tty_open+0x16/0x170
[ 1740.276563]  ? __vmalloc_node+0x110/0x110
[ 1740.277124]  ? up_write+0x191/0x550
[ 1740.277621]  ? down_write_killable+0x180/0x180
[ 1740.278233]  ? n_tty_open+0x16/0x170
[ 1740.278761]  __vmalloc_node+0xb5/0x110
[ 1740.279288]  ? n_tty_open+0x16/0x170
[ 1740.279796]  n_tty_open+0x16/0x170
[ 1740.280265]  ? n_tty_set_termios+0x1010/0x1010
[ 1740.280889]  tty_ldisc_open+0xa2/0x120
[ 1740.281450]  tty_ldisc_setup+0x90/0x100
[ 1740.282048]  tty_init_dev.part.0+0x1fa/0x610
[ 1740.282653]  ? pty_open+0x310/0x310
[ 1740.283135]  tty_init_dev+0x5b/0x80
[ 1740.283617]  ptmx_open+0x116/0x370
[ 1740.284085]  ? pty_open+0x310/0x310
[ 1740.284562]  chrdev_open+0x268/0x6e0
[ 1740.285050]  ? __unregister_chrdev+0x110/0x110
[ 1740.290466]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1740.291081]  do_dentry_open+0x4b7/0x1090
[ 1740.291615]  ? __unregister_chrdev+0x110/0x110
[ 1740.292210]  ? may_open+0x1e4/0x400
[ 1740.292691]  path_openat+0x19ba/0x2770
[ 1740.293214]  ? path_lookupat+0x860/0x860
[ 1740.293751]  ? lock_acquire+0x197/0x470
[ 1740.294275]  ? find_held_lock+0x2c/0x110
[ 1740.294845]  do_filp_open+0x190/0x3e0
[ 1740.295354]  ? may_open_dev+0xf0/0xf0
[ 1740.295873]  ? do_raw_spin_lock+0x121/0x260
[ 1740.296450]  ? rwlock_bug.part.0+0x90/0x90
[ 1740.297018]  ? _raw_spin_unlock+0x1a/0x30
[ 1740.297576]  ? alloc_fd+0x2e7/0x670
[ 1740.298074]  do_sys_openat2+0x171/0x4d0
[ 1740.298625]  ? build_open_flags+0x6f0/0x6f0
[ 1740.299210]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1740.299872]  ? wait_for_completion_io+0x270/0x270
[ 1740.300513]  __x64_sys_openat+0x13f/0x1f0
[ 1740.301081]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1740.301635]  ? ksys_write+0x1a9/0x260
[ 1740.302168]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1740.302873]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1740.303573]  do_syscall_64+0x33/0x40
[ 1740.304071]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1740.304766] RIP: 0033:0x7f05ed26ab19
[ 1740.305282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1740.307735] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1740.308745] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1740.309685] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1740.310665] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1740.311605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1740.312556] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1740.314957] Mem-Info:
[ 1740.316206] active_anon:56 inactive_anon:53294 isolated_anon:0
[ 1740.316206]  active_file:14400 inactive_file:72229 isolated_file:0
[ 1740.316206]  unevictable:0 dirty:156 writeback:0
20:08:33 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 68)

20:08:33 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 30)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:08:33 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:08:33 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 13)

20:08:33 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 31)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:08:33 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 2)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:08:33 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x4)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:08:33 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000200)="ae", 0x1}], 0x1)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000080)={0x0, r0, 0x6, 0x4})
pread64(r0, &(0x7f0000000140)=""/52, 0x34, 0x2)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
fallocate(r1, 0x0, 0x0, 0x8000)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000240)={'vxcan1\x00', <r4=>0x0})
connect$packet(r0, &(0x7f00000002c0)={0x11, 0x10, r4, 0x1, 0xff}, 0x14)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4000006})
r6 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = pidfd_getfd(r1, r6, 0x0)
ioctl$sock_inet6_SIOCSIFDSTADDR(r7, 0x8918, &(0x7f00000000c0)={@loopback, 0x1c, r4})
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r8, 0x400448ca, 0x0)

20:08:33 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000006c0), 0x4)
execveat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', &(0x7f0000000340)=[&(0x7f0000000140)='\x00', &(0x7f00000001c0)='\x00', &(0x7f0000000200)='\xc4$+(/--^\xc4\x00', &(0x7f0000000240)='%\x00', &(0x7f0000000280)='-\x00', &(0x7f0000000300)='\x00'], &(0x7f0000000640)=[&(0x7f0000000380)='}]\x00', &(0x7f00000003c0)='\x00', &(0x7f0000000400)='\x00', &(0x7f0000000440)='&u/\v&+*..[\x00', &(0x7f0000000500)='\x00', &(0x7f0000000540)='\x00', &(0x7f0000000580)='\x00', &(0x7f00000005c0)='\x00', &(0x7f0000000600)='\x00'], 0x800)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r6, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1740.316206]  slab_reclaimable:8829 slab_unreclaimable:63426
[ 1740.316206]  mapped:81834 shmem:664 pagetables:1564 bounce:0
[ 1740.316206]  free:93787 free_pcp:590 free_cma:0
[ 1740.318489] FAULT_INJECTION: forcing a failure.
[ 1740.318489] name failslab, interval 1, probability 0, space 0, times 0
[ 1740.320352] Node 0 active_anon:224kB inactive_anon:213176kB active_file:57600kB inactive_file:288916kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:327336kB dirty:624kB writeback:0kB shmem:2656kB writeback_tmp:0kB kernel_stack:4544kB all_unreclaimable? no
[ 1740.321566] CPU: 1 PID: 9251 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1740.333198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1740.334201] Call Trace:
[ 1740.334535]  dump_stack+0x107/0x167
[ 1740.334977]  should_fail.cold+0x5/0xa
[ 1740.335441]  ? __kernfs_new_node+0xd4/0x860
[ 1740.335970]  should_failslab+0x5/0x20
[ 1740.336431]  kmem_cache_alloc+0x5b/0x310
[ 1740.336927]  __kernfs_new_node+0xd4/0x860
[ 1740.337432]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1740.338009]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1740.338467] Node 0 
[ 1740.342620]  ? wait_for_completion_io+0x270/0x270
[ 1740.342639]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1740.342661]  kernfs_new_node+0x18d/0x250
[ 1740.342681]  __kernfs_create_file+0x51/0x350
[ 1740.343000] DMA free:15908kB min:48kB low:60kB high:72kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1740.343528]  sysfs_add_file_mode_ns+0x221/0x560
[ 1740.343551]  internal_create_group+0x324/0xb30
[ 1740.344180] lowmem_reserve[]:
[ 1740.344648]  ? sysfs_remove_group+0x170/0x170
[ 1740.344666]  ? kernfs_add_one+0x124/0x4d0
[ 1740.345220]  0
[ 1740.348182]  ? kernfs_create_link+0x1b7/0x230
[ 1740.348201]  internal_create_groups.part.0+0x90/0x140
[ 1740.348219]  sysfs_create_groups+0x25/0x50
[ 1740.348777]  1616
[ 1740.349311]  device_add+0x7a9/0x1c50
[ 1740.349328]  ? lockdep_init_map_type+0x2c7/0x780
[ 1740.349345]  ? devlink_add_symlinks+0x970/0x970
[ 1740.349718]  1616
[ 1740.350252]  netdev_register_kobject+0x17a/0x3b0
[ 1740.350273]  register_netdevice+0xd6e/0x1480
[ 1740.350790]  1616
[ 1740.351006]  ? netdev_change_features+0xb0/0xb0
[ 1740.351033]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1740.351599] 
[ 1740.352179]  __tun_chr_ioctl+0x2156/0x3f60
[ 1740.352200]  ? lock_downgrade+0x6d0/0x6d0
[ 1740.352750] Node 0 
[ 1740.352954]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1740.353433] DMA32 free:359000kB min:5116kB low:6768kB high:8420kB reserved_highatomic:0KB active_anon:224kB inactive_anon:213176kB active_file:57600kB inactive_file:288916kB unevictable:0kB writepending:700kB present:2080640kB managed:1660468kB mlocked:0kB pagetables:6256kB bounce:0kB free_pcp:2328kB local_pcp:1272kB free_cma:0kB
[ 1740.353961]  ? tun_chr_poll+0x700/0x700
[ 1740.354607] lowmem_reserve[]:
[ 1740.354795]  ? wait_for_completion_io+0x270/0x270
[ 1740.355368]  0
[ 1740.355881]  ? selinux_file_ioctl+0xb6/0x270
[ 1740.355902]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1740.356179]  0
[ 1740.356700]  __x64_sys_ioctl+0x19a/0x210
[ 1740.356720]  do_syscall_64+0x33/0x40
[ 1740.357250]  0
[ 1740.357434]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1740.357447] RIP: 0033:0x7f7955930b19
[ 1740.358003]  0
[ 1740.358458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1740.358470] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246
[ 1740.358751] 
[ 1740.359306]  ORIG_RAX: 0000000000000010
[ 1740.359316] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1740.359325] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1740.359339] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1740.362814] Node 0 
[ 1740.363216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1740.363226] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1740.366357] FAULT_INJECTION: forcing a failure.
[ 1740.366357] name failslab, interval 1, probability 0, space 0, times 0
[ 1740.370502] DMA: 
[ 1740.371063] CPU: 1 PID: 9249 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1740.371074] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1740.371345] 1*4kB 
[ 1740.371770] Call Trace:
[ 1740.371786]  dump_stack+0x107/0x167
[ 1740.372242] (U) 
[ 1740.372449]  should_fail.cold+0x5/0xa
[ 1740.372464]  ? create_object.isra.0+0x3a/0xa20
[ 1740.373134] 0*8kB 
[ 1740.373516]  ? create_object.isra.0+0x3a/0xa20
[ 1740.373733] 0*16kB 
[ 1740.375936]  should_failslab+0x5/0x20
[ 1740.375950]  kmem_cache_alloc+0x5b/0x310
[ 1740.375968]  create_object.isra.0+0x3a/0xa20
[ 1740.376665] 1*32kB 
[ 1740.376807]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1740.377351] (U) 
[ 1740.378130]  kmem_cache_alloc+0x159/0x310
[ 1740.378151]  getname_flags.part.0+0x50/0x4f0
[ 1740.379054] 2*64kB 
[ 1740.379870]  getname+0x8e/0xd0
[ 1740.379886]  do_sys_openat2+0xf9/0x4d0
[ 1740.380176] (U) 
[ 1740.381007]  ? build_open_flags+0x6f0/0x6f0
[ 1740.381021]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1740.381039]  ? wait_for_completion_io+0x270/0x270
[ 1740.381897] 1*128kB 
[ 1740.383212]  __x64_sys_openat+0x13f/0x1f0
[ 1740.383228]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1740.383239]  ? ksys_write+0x1a9/0x260
[ 1740.383259]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1740.383515] (U) 
[ 1740.384313]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1740.384329]  do_syscall_64+0x33/0x40
[ 1740.384348]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1740.385404] 1*256kB 
[ 1740.385601] RIP: 0033:0x7f7574521b19
[ 1740.385905] (U) 
[ 1740.386337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1740.386356] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1740.386371] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1740.386381] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1740.386393] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1740.386648] 0*512kB 
[ 1740.387087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1740.387096] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1740.426631] 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1740.427419] Node 0 DMA32: 582*4kB (UME) 610*8kB (UME) 268*16kB (UME) 66*32kB (UME) 127*64kB (UME) 104*128kB (UM) 76*256kB (UME) 40*512kB (UM) 29*1024kB (UME) 16*2048kB (U) 54*4096kB (UM) = 358632kB
[ 1740.429754] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1740.432275] 29013 total pagecache pages
[ 1740.432792] 0 pages in swap cache
[ 1740.433254] Swap cache stats: add 0, delete 0, find 0/0
[ 1740.433941] Free swap  = 0kB
[ 1740.434368] Total swap = 0kB
[ 1740.435159] 524158 pages RAM
[ 1740.435526] 0 pages HighMem/MovableOnly
[ 1740.436079] 105064 pages reserved
[ 1740.474657] FAULT_INJECTION: forcing a failure.
[ 1740.474657] name failslab, interval 1, probability 0, space 0, times 0
[ 1740.476057] CPU: 0 PID: 9254 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1740.476884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1740.477890] Call Trace:
[ 1740.478217]  dump_stack+0x107/0x167
[ 1740.494700]  should_fail.cold+0x5/0xa
[ 1740.495189]  ? create_object.isra.0+0x3a/0xa20
[ 1740.495770]  should_failslab+0x5/0x20
[ 1740.496233]  kmem_cache_alloc+0x5b/0x310
[ 1740.496726]  ? mark_held_locks+0x9e/0xe0
[ 1740.497220]  create_object.isra.0+0x3a/0xa20
[ 1740.497752]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1740.498379]  kmem_cache_alloc_bulk+0x168/0x320
[ 1740.498941]  io_submit_sqes+0x6fe6/0x8610
[ 1740.499462]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1740.500065]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1740.500650]  ? lock_downgrade+0x6d0/0x6d0
[ 1740.501150]  ? find_held_lock+0x2c/0x110
[ 1740.501646]  ? io_submit_sqes+0x8610/0x8610
[ 1740.502175]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1740.502778]  ? wait_for_completion_io+0x270/0x270
[ 1740.503364]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1740.503925]  ? vfs_write+0x354/0xb10
[ 1740.504381]  ? fput_many+0x2f/0x1a0
[ 1740.504822]  ? ksys_write+0x1a9/0x260
[ 1740.505284]  ? __ia32_sys_read+0xb0/0xb0
[ 1740.505777]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1740.506421]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1740.507049]  do_syscall_64+0x33/0x40
[ 1740.507501]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1740.508119] RIP: 0033:0x7fb7d3ecdb19
[ 1740.508572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1740.526829] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1740.527752] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1740.528618] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1740.529480] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1740.530341] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1740.531218] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1740.535575] FAULT_INJECTION: forcing a failure.
[ 1740.535575] name failslab, interval 1, probability 0, space 0, times 0
[ 1740.537009] CPU: 0 PID: 9273 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1740.537837] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1740.538852] Call Trace:
[ 1740.539172]  dump_stack+0x107/0x167
[ 1740.539615]  should_fail.cold+0x5/0xa
[ 1740.540080]  ? __kernfs_new_node+0xd4/0x860
[ 1740.540605]  should_failslab+0x5/0x20
[ 1740.541066]  kmem_cache_alloc+0x5b/0x310
[ 1740.541564]  __kernfs_new_node+0xd4/0x860
20:08:33 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 69)

[ 1740.542069]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1740.558682]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1740.559321]  ? kernfs_add_one+0x124/0x4d0
[ 1740.559831]  kernfs_new_node+0x18d/0x250
[ 1740.560327]  __kernfs_create_file+0x51/0x350
[ 1740.560860]  sysfs_add_file_mode_ns+0x221/0x560
[ 1740.561428]  sysfs_create_file_ns+0x131/0x1d0
[ 1740.561970]  ? sysfs_add_file_mode_ns+0x560/0x560
[ 1740.562573]  ? is_acpi_device_node+0x6e/0x90
[ 1740.563109]  device_create_file+0xea/0x1d0
[ 1740.563623]  device_add+0x547/0x1c50
[ 1740.564081]  ? lockdep_init_map_type+0x2c7/0x780
[ 1740.564653]  ? devlink_add_symlinks+0x970/0x970
[ 1740.565225]  netdev_register_kobject+0x17a/0x3b0
[ 1740.565800]  register_netdevice+0xd6e/0x1480
[ 1740.566342]  ? netdev_change_features+0xb0/0xb0
[ 1740.566921]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1740.567452]  __tun_chr_ioctl+0x2156/0x3f60
[ 1740.567966]  ? lock_downgrade+0x6d0/0x6d0
[ 1740.568469]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1740.569051]  ? tun_chr_poll+0x700/0x700
[ 1740.569535]  ? wait_for_completion_io+0x270/0x270
[ 1740.570125]  ? selinux_file_ioctl+0xb6/0x270
[ 1740.570675]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1740.571220]  __x64_sys_ioctl+0x19a/0x210
[ 1740.571712]  do_syscall_64+0x33/0x40
[ 1740.572163]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1740.572783] RIP: 0033:0x7fc68ced6b19
[ 1740.573235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1740.587576] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1740.588572] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1740.589515] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1740.590492] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1740.591413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1740.592343] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:08:34 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_io_uring_setup(0x568d, &(0x7f0000000100)={0x0, 0x6f66, 0x4, 0x3, 0x4a}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200)=<r3=>0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000300)=@IORING_OP_CONNECT={0x10, 0x3, 0x0, r5, 0x80, &(0x7f0000000240)=@vsock={0x28, 0x0, 0x2710, @host}, 0x0, 0x0, 0x0, {0x0, r6}}, 0x6)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r7, 0x0, 0x0}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r8, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r7, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1740.672366] ptm ptm0: ldisc open failed (-12), clearing slot 0
[ 1740.719951] FAULT_INJECTION: forcing a failure.
[ 1740.719951] name failslab, interval 1, probability 0, space 0, times 0
[ 1740.722690] CPU: 1 PID: 9276 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1740.724820] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1740.727371] Call Trace:
[ 1740.728121]  dump_stack+0x107/0x167
[ 1740.729140]  should_fail.cold+0x5/0xa
[ 1740.730221]  ? create_object.isra.0+0x3a/0xa20
[ 1740.731655]  should_failslab+0x5/0x20
[ 1740.732863]  kmem_cache_alloc+0x5b/0x310
[ 1740.734141]  create_object.isra.0+0x3a/0xa20
[ 1740.735539]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1740.737111]  kmem_cache_alloc+0x159/0x310
[ 1740.738428]  __kernfs_new_node+0xd4/0x860
[ 1740.739726]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1740.740177] audit: type=1400 audit(1729282114.127:19): avc:  denied  { execute } for  pid=9279 comm="syz-executor.1" path="pipe:[33864]" dev="pipefs" ino=33864 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=fifo_file permissive=1
[ 1740.741090]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1740.741109]  ? wait_for_completion_io+0x270/0x270
[ 1740.741132]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1740.749074]  kernfs_new_node+0x18d/0x250
[ 1740.750304]  __kernfs_create_file+0x51/0x350
[ 1740.751666]  sysfs_add_file_mode_ns+0x221/0x560
[ 1740.753117]  internal_create_group+0x324/0xb30
[ 1740.754538]  ? sysfs_remove_group+0x170/0x170
[ 1740.755796]  ? kernfs_add_one+0x124/0x4d0
[ 1740.756974]  ? kernfs_create_link+0x1b7/0x230
[ 1740.758234]  internal_create_groups.part.0+0x90/0x140
[ 1740.759836]  sysfs_create_groups+0x25/0x50
[ 1740.761126]  device_add+0x7a9/0x1c50
[ 1740.762296]  ? lockdep_init_map_type+0x2c7/0x780
[ 1740.763744]  ? devlink_add_symlinks+0x970/0x970
[ 1740.765180]  netdev_register_kobject+0x17a/0x3b0
[ 1740.766646]  register_netdevice+0xd6e/0x1480
[ 1740.768035]  ? netdev_change_features+0xb0/0xb0
[ 1740.769468]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1740.770843]  __tun_chr_ioctl+0x2156/0x3f60
[ 1740.772158]  ? lock_downgrade+0x6d0/0x6d0
[ 1740.773466]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1740.774975]  ? tun_chr_poll+0x700/0x700
[ 1740.776233]  ? wait_for_completion_io+0x270/0x270
[ 1740.777752]  ? selinux_file_ioctl+0xb6/0x270
[ 1740.779146]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1740.780538]  __x64_sys_ioctl+0x19a/0x210
[ 1740.781802]  do_syscall_64+0x33/0x40
[ 1740.782989]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1740.784613] RIP: 0033:0x7f7955930b19
[ 1740.785770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1740.791616] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1740.793994] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1740.796254] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1740.798501] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1740.800748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1740.802995] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:08:34 executing program 0:
mlock2(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x0, 0x0, 0x3)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x9)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2)
munmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4)
pkey_mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8, 0xffffffffffffffff)
sendfile(r1, r0, 0x0, 0x9bbb)

20:08:34 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x7, 0x2010, r0, 0x8000000)
io_uring_enter(r0, 0x21a8, 0xcd1b, 0x3, &(0x7f0000000100)={[0x2]}, 0x8)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:08:34 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 31)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:08:34 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 3)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1740.918954] FAULT_INJECTION: forcing a failure.
[ 1740.918954] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1740.921338] CPU: 0 PID: 9293 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1740.923459] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1740.925778] Call Trace:
[ 1740.926526]  dump_stack+0x107/0x167
[ 1740.927532]  should_fail.cold+0x5/0xa
[ 1740.928574]  strncpy_from_user+0x34/0x470
[ 1740.929718]  getname_flags.part.0+0x95/0x4f0
[ 1740.932854] FAULT_INJECTION: forcing a failure.
[ 1740.932854] name failslab, interval 1, probability 0, space 0, times 0
[ 1740.934957]  getname+0x8e/0xd0
[ 1740.934972]  do_sys_openat2+0xf9/0x4d0
[ 1740.934986]  ? build_open_flags+0x6f0/0x6f0
[ 1740.934999]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1740.935014]  ? wait_for_completion_io+0x270/0x270
[ 1740.935031]  __x64_sys_openat+0x13f/0x1f0
[ 1740.935043]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1740.935054]  ? ksys_write+0x1a9/0x260
[ 1740.935072]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1740.935088]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1740.943885]  do_syscall_64+0x33/0x40
[ 1740.944867]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1740.945552] RIP: 0033:0x7f7574521b19
[ 1740.946581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1740.949012] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1740.951135] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1740.953102] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1740.955098] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1740.957068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1740.959063] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1740.961058] CPU: 1 PID: 9295 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1740.962377] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1740.963985] Call Trace:
[ 1740.964360]  dump_stack+0x107/0x167
[ 1740.964865]  should_fail.cold+0x5/0xa
[ 1740.965397]  ? create_object.isra.0+0x3a/0xa20
[ 1740.966698]  should_failslab+0x5/0x20
[ 1740.967228]  kmem_cache_alloc+0x5b/0x310
[ 1740.968378]  ? lock_chain_count+0x20/0x20
[ 1740.969544]  create_object.isra.0+0x3a/0xa20
[ 1740.970801]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1740.972232]  kmem_cache_alloc_node_trace+0x16d/0x340
20:08:34 executing program 0:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000040)={0x678, 0x3ff, 0xee0, 0xffff, 0x1a, "0aa09b0a9af6a8a9"})
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000)=<r1=>0x0)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
sendmsg$nl_generic(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x64, 0x28, 0x100, 0x70bd29, 0x25dfdbff, {0x5}, [@typed={0x8, 0x1b, 0x0, 0x0, @fd=r0}, @typed={0x14, 0x8a, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @multicast1}}, @typed={0x4, 0x8}, @typed={0x8, 0x4a, 0x0, 0x0, @pid=r1}, @typed={0x14, 0xe, 0x0, 0x0, @ipv6=@loopback}, @typed={0x6, 0x40, 0x0, 0x0, @str='\xfc\x00'}, @typed={0x8, 0x8a, 0x0, 0x0, @u32=0x7}, @typed={0x4, 0x25}]}, 0x64}, 0x1, 0x0, 0x0, 0x4044}, 0x10)
ioctl$VT_DISALLOCATE(r0, 0x5608)

20:08:34 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 32)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:08:34 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 14)

[ 1740.973675]  __get_vm_area_node+0xd4/0x340
[ 1740.976983] FAULT_INJECTION: forcing a failure.
[ 1740.976983] name failslab, interval 1, probability 0, space 0, times 0
[ 1740.979411]  __vmalloc_node_range+0x13f/0x9e0
[ 1740.979424]  ? n_tty_open+0x16/0x170
[ 1740.979434]  ? n_tty_open+0x16/0x170
[ 1740.979453]  ? __vmalloc_node+0x110/0x110
[ 1740.979466]  ? up_write+0x191/0x550
[ 1740.979480]  ? down_write_killable+0x180/0x180
[ 1740.979492]  ? n_tty_open+0x16/0x170
[ 1740.979504]  __vmalloc_node+0xb5/0x110
[ 1740.979515]  ? n_tty_open+0x16/0x170
[ 1740.979529]  n_tty_open+0x16/0x170
[ 1740.979540]  ? n_tty_set_termios+0x1010/0x1010
[ 1740.979550]  tty_ldisc_open+0xa2/0x120
[ 1740.979568]  tty_ldisc_setup+0x90/0x100
[ 1740.989436]  tty_init_dev.part.0+0x1fa/0x610
[ 1740.990034]  ? pty_open+0x310/0x310
[ 1740.994545]  tty_init_dev+0x5b/0x80
[ 1740.995036]  ptmx_open+0x116/0x370
[ 1740.995550]  ? pty_open+0x310/0x310
[ 1740.996077]  chrdev_open+0x268/0x6e0
[ 1740.996607]  ? __unregister_chrdev+0x110/0x110
[ 1740.997268]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1740.997945]  do_dentry_open+0x4b7/0x1090
[ 1740.998524]  ? __unregister_chrdev+0x110/0x110
[ 1740.999138]  ? may_open+0x1e4/0x400
[ 1740.999627]  path_openat+0x19ba/0x2770
[ 1741.000160]  ? path_lookupat+0x860/0x860
[ 1741.000708]  ? lock_acquire+0x197/0x470
[ 1741.001243]  ? find_held_lock+0x2c/0x110
[ 1741.001800]  do_filp_open+0x190/0x3e0
[ 1741.002313]  ? may_open_dev+0xf0/0xf0
[ 1741.002845]  ? do_raw_spin_lock+0x121/0x260
[ 1741.003429]  ? rwlock_bug.part.0+0x90/0x90
[ 1741.004004]  ? _raw_spin_unlock+0x1a/0x30
[ 1741.004563]  ? alloc_fd+0x2e7/0x670
[ 1741.005059]  do_sys_openat2+0x171/0x4d0
[ 1741.005598]  ? build_open_flags+0x6f0/0x6f0
[ 1741.006179]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1741.006841]  ? wait_for_completion_io+0x270/0x270
[ 1741.007498]  __x64_sys_openat+0x13f/0x1f0
[ 1741.008057]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1741.008625]  ? ksys_write+0x1a9/0x260
[ 1741.009151]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1741.009859]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1741.010564]  do_syscall_64+0x33/0x40
[ 1741.011062]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1741.011749] RIP: 0033:0x7f05ed26ab19
[ 1741.012260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1741.014743] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1741.015772] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1741.016732] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1741.017692] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1741.022672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1741.023631] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1741.024631] CPU: 0 PID: 9292 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1741.026540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1741.028851] Call Trace:
[ 1741.029583]  dump_stack+0x107/0x167
[ 1741.030621]  should_fail.cold+0x5/0xa
[ 1741.031689]  ? create_object.isra.0+0x3a/0xa20
[ 1741.032956]  should_failslab+0x5/0x20
[ 1741.034021]  kmem_cache_alloc+0x5b/0x310
[ 1741.035173]  ? mutex_lock_io_nested+0xf30/0xf30
[ 1741.036456]  create_object.isra.0+0x3a/0xa20
[ 1741.037678]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1741.039094]  kmem_cache_alloc+0x159/0x310
[ 1741.040252]  __kernfs_new_node+0xd4/0x860
[ 1741.041392]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1741.042863]  ? kernfs_add_one+0x124/0x4d0
[ 1741.044004]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1741.045325]  ? lock_acquire+0x197/0x470
[ 1741.046428]  ? find_held_lock+0x2c/0x110
[ 1741.047559]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1741.048889]  kernfs_new_node+0x18d/0x250
[ 1741.050016]  kernfs_create_link+0xcb/0x230
[ 1741.051197]  sysfs_do_create_link_sd+0x90/0x140
[ 1741.052490]  sysfs_create_link+0x5f/0xc0
[ 1741.053606]  device_add+0x5e1/0x1c50
[ 1741.054741]  ? lockdep_init_map_type+0x2c7/0x780
[ 1741.056050]  ? devlink_add_symlinks+0x970/0x970
[ 1741.057353]  netdev_register_kobject+0x17a/0x3b0
[ 1741.058673]  register_netdevice+0xd6e/0x1480
[ 1741.059899]  ? netdev_change_features+0xb0/0xb0
[ 1741.061180]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1741.062392]  __tun_chr_ioctl+0x2156/0x3f60
[ 1741.063569]  ? lock_downgrade+0x6d0/0x6d0
[ 1741.064718]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1741.066046]  ? tun_chr_poll+0x700/0x700
[ 1741.067163]  ? wait_for_completion_io+0x270/0x270
[ 1741.068500]  ? selinux_file_ioctl+0xb6/0x270
[ 1741.069721]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1741.070974]  __x64_sys_ioctl+0x19a/0x210
[ 1741.072101]  do_syscall_64+0x33/0x40
[ 1741.073119]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1741.074554] RIP: 0033:0x7fc68ced6b19
[ 1741.075570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1741.080719] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1741.082830] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1741.084811] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1741.086804] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1741.088788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1741.090777] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1741.108345] FAULT_INJECTION: forcing a failure.
[ 1741.108345] name failslab, interval 1, probability 0, space 0, times 0
[ 1741.111679] CPU: 0 PID: 9299 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1741.113271] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1741.115313] Call Trace:
[ 1741.115920]  dump_stack+0x107/0x167
[ 1741.116763]  should_fail.cold+0x5/0xa
[ 1741.117646]  ? create_object.isra.0+0x3a/0xa20
[ 1741.118804]  should_failslab+0x5/0x20
[ 1741.119670]  kmem_cache_alloc+0x5b/0x310
[ 1741.120590]  ? mark_held_locks+0x9e/0xe0
[ 1741.121512]  create_object.isra.0+0x3a/0xa20
[ 1741.122562]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1741.123750]  kmem_cache_alloc_bulk+0x168/0x320
[ 1741.124818]  io_submit_sqes+0x6fe6/0x8610
[ 1741.125800]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1741.127087]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1741.128187]  ? lock_downgrade+0x6d0/0x6d0
[ 1741.129125]  ? find_held_lock+0x2c/0x110
[ 1741.130049]  ? io_submit_sqes+0x8610/0x8610
[ 1741.131202]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1741.132329]  ? wait_for_completion_io+0x270/0x270
[ 1741.134759]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1741.135816]  ? vfs_write+0x354/0xb10
[ 1741.136660]  ? fput_many+0x2f/0x1a0
[ 1741.137486]  ? ksys_write+0x1a9/0x260
[ 1741.138349]  ? __ia32_sys_read+0xb0/0xb0
[ 1741.138849]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1741.139454]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1741.140050]  do_syscall_64+0x33/0x40
[ 1741.140482]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1741.141072] RIP: 0033:0x7fb7d3ecdb19
[ 1741.141504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1741.143643] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1741.144521] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1741.145344] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1741.146166] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1741.147005] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1741.147827] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
20:08:34 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_setup(0x575a, &(0x7f0000000200)={0x0, 0xc24d, 0x2, 0x3, 0x12d}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000280), &(0x7f0000000300)=<r4=>0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000340)=@IORING_OP_NOP={0x0, 0x3}, 0xfffffffc)
io_uring_enter(r0, 0x2e06, 0x88d3, 0x2, &(0x7f0000000100)={[0xffffffffffffffff]}, 0x8)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r5, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
nanosleep(&(0x7f0000000140), &(0x7f00000001c0))
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:08:34 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000002)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r6, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r2, 0x0)

20:08:34 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 15)

20:08:34 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:08:34 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
ioctl$sock_inet_SIOCDARP(r3, 0x8953, &(0x7f0000000100)={{0x2, 0x4e20, @broadcast}, {0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x24, {0x2, 0x9, @rand_addr=0x64010101}, 'macvlan1\x00'})
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000000, 0x20010, r0, 0x10000000)
r7 = syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0xfff, 0x8, &(0x7f00000007c0)=[{&(0x7f0000000240)="9788991c295961b7e5a49163433cb112806c0450d32e4590091bcb6ebc9d05d08922ab99e0dbac26b83b96b7eb10128e7f6718634cbb3df4f20afae9687b", 0x3e, 0x1}, {&(0x7f0000000300)="08219dcf693a9b4a2deb61e29fba60d448bd4c801aba84a2b4cecb19a30ac473bdb16d8b2de9de6776dd056afdfe066aa688486db9c6dda7cad6f344aca369716aa4740f14966d67f06b1411b480cdd06a521d4e7eccbaf9b717e432964347a8b87d760f5281", 0x66, 0x80000001}, {&(0x7f0000000380)="f11a5ede7ac84d3d4d160ad4212b8b7a00824ac38d470d31cbec24ad8f563efe1d7b04ac76bcb261210a4fb3d338e917e36672c77397929687ada6fd1365732dbb4aff99c5d08f035dde0047073afca15fc90d30828a9dd211cbc9bce13584645970f1db167ed18bc51aaa01d0ebd5ceffa6dd722505ca74f6457e5cbf029eae88a0bd02cff0eafe63b37f2d0edd8b3db8b000d76b35e1faf647e3bf301bdec7185d9d3c60d8b96d4fbecec4d6acc74b946032039b5e8ea1430e07224f", 0xbd, 0x81}, {&(0x7f0000000280)="ba3b413eaaa8d46c4e19947e9f4efdf97859440bd6e2143a2099937751046f90a6ed730f22a1bfd88afb", 0x2a, 0xff}, {&(0x7f0000000500)="fb4271543e1ba47295eaae121da7d642b7d3296872c041980a1a2bcbda24b5c412d0da146d560f993131ca386b1c15ebe7fa51fb7f67854838d181a0bc8a8550dcc769a5a5575f8f7e5b50e62833875fa6ce8bd01663236c80008fd53b937245643f66ed8763489c57ab4ab0fbdcd15593152ecc2271f32cbc3c3ed9439d312961b659c3343674dc5a14ffeb40b4c392b5a08051b45934c8940c436812edfbc640e03de066fe7191cfb3a54c010b2b09a6867a48ca380721791483e0f13cfcaa00d04e31dafc9a7adaf03c1f67cd4a3f48df9044fbe8f626d9f4476a2ee2a54b54cd2a10eccf9ad4d2729258f7e2e1d4df5d4f06174487a2b41520", 0xfb, 0x40}, {&(0x7f0000000600)="79385f4355b2d636f610cc87c9c75c155f028f61230375dbfcfc0f4d1fbc3d2766782be8205388e491b8cc7f9a051487b7d7c7793da540decfd9840657fc0b057b", 0x41, 0xffffffff00000001}, {&(0x7f0000000680)="3c67c0fa00e9ec00170cf46aa2678ab9ca812f93ba71d3543ecb5f7a582278e18850396191790263cae61b3891bd2da8be7941a5850b218f6f3168b3fb8ca4bf3c78148991ad4c19da4f2188967dd63b7039b2b4e6c4e1147fc82ed213f7154ad9c787e778dd085d3b9eff3530e9d41cf6d26368b0cc2e927812552a01b17c01175402", 0x83, 0x2}, {&(0x7f0000000740)="4c1541e9dbc390bda49f92e3a97196e4dbc437542c4558ca81db079b2a884bd4a9ddc839f2d928b79e8d6ae4de5ce440f075f827177cafea2348b108c5cdbf76594e35c49853da8eec16ab2baa305df0539aa095373d4e", 0x57, 0xfffffffffffffffe}], 0xf400, &(0x7f0000000880)={[{@cruft}, {@utf8}, {@nocompress}, {@uid}, {@unhide}, {@overriderock}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'cp866'}}, {@gid}, {@check_strict}], [{@uid_eq={'uid', 0x3d, 0xee01}}, {@hash}, {@audit}, {@subj_user={'subj_user', 0x3d, ')'}}]})
r8 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r11}}, 0x0)
syz_io_uring_submit(r4, r6, &(0x7f0000000a40)=@IORING_OP_WRITEV={0x2, 0x4, 0x2004, @fd=r7, 0x10000, &(0x7f0000000a00)=[{&(0x7f0000000440)="90b8cb3c24ec9169c841b2096f8511f49b04e2ba2ee90cdb", 0x18}, {&(0x7f0000000940)="07b1ca0536e23fc483cb49e84d957f58040da66a5baf192d756fdc25a4b5e6e8b0300dbb2ab00c01308a21c05a4eb4512e6d9fe3a663cdadc6d66f7a855655573756f5ad6e78303ef553ec177206a32743d62550f38538086242050dbb57fe7af6ded365fb7faf32e758a3ebffd6f8c3d1673524c17d80385423aea23fa8afb278b5020fd79cba1e31119321d0095237bec9823a83911b22d87d790f54df1c", 0x9f}], 0x2, 0x13, 0x1, {0x0, r11}}, 0x8)
syz_io_uring_submit(r5, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1741.298427] FAULT_INJECTION: forcing a failure.
[ 1741.298427] name failslab, interval 1, probability 0, space 0, times 0
[ 1741.300100] CPU: 1 PID: 9314 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1741.300927] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1741.301926] Call Trace:
[ 1741.302253]  dump_stack+0x107/0x167
[ 1741.302710]  should_fail.cold+0x5/0xa
[ 1741.303175]  ? create_object.isra.0+0x3a/0xa20
[ 1741.303736]  should_failslab+0x5/0x20
[ 1741.304199]  kmem_cache_alloc+0x5b/0x310
[ 1741.304692]  ? mark_held_locks+0x9e/0xe0
[ 1741.305187]  create_object.isra.0+0x3a/0xa20
[ 1741.305720]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1741.306339]  kmem_cache_alloc_bulk+0x168/0x320
[ 1741.310669]  io_submit_sqes+0x6fe6/0x8610
[ 1741.311194]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1741.311796]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1741.312381]  ? lock_downgrade+0x6d0/0x6d0
[ 1741.312881]  ? find_held_lock+0x2c/0x110
[ 1741.313377]  ? io_submit_sqes+0x8610/0x8610
[ 1741.313906]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1741.314509]  ? wait_for_completion_io+0x270/0x270
[ 1741.315097]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1741.315659]  ? vfs_write+0x354/0xb10
[ 1741.316111]  ? fput_many+0x2f/0x1a0
[ 1741.316553]  ? ksys_write+0x1a9/0x260
[ 1741.317022]  ? __ia32_sys_read+0xb0/0xb0
[ 1741.317517]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1741.318151]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1741.318792]  do_syscall_64+0x33/0x40
[ 1741.319244]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1741.319865] RIP: 0033:0x7fb7d3ecdb19
[ 1741.320317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1741.322549] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1741.323470] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1741.324332] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1741.325231] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1741.326130] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1741.327012] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1755.118966] FAULT_INJECTION: forcing a failure.
[ 1755.118966] name failslab, interval 1, probability 0, space 0, times 0
[ 1755.120634] CPU: 1 PID: 9342 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1755.121486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1755.121725] FAULT_INJECTION: forcing a failure.
[ 1755.121725] name failslab, interval 1, probability 0, space 0, times 0
[ 1755.122459] Call Trace:
[ 1755.122480]  dump_stack+0x107/0x167
[ 1755.122498]  should_fail.cold+0x5/0xa
[ 1755.122518]  ? alloc_vmap_area+0x148/0x1d10
[ 1755.125506]  should_failslab+0x5/0x20
[ 1755.125951]  kmem_cache_alloc_node+0x55/0x330
[ 1755.126485]  alloc_vmap_area+0x148/0x1d10
[ 1755.126980]  ? kmem_cache_alloc_node_trace+0x16d/0x340
[ 1755.127605]  ? mark_held_locks+0x9e/0xe0
[ 1755.128093]  ? purge_vmap_area_lazy+0xc0/0xc0
[ 1755.128617]  ? kasan_unpoison_shadow+0x33/0x50
[ 1755.129162]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1755.129757]  __get_vm_area_node+0x127/0x340
[ 1755.130276]  __vmalloc_node_range+0x13f/0x9e0
[ 1755.130797]  ? n_tty_open+0x16/0x170
[ 1755.131321]  ? n_tty_open+0x16/0x170
[ 1755.131764]  ? __vmalloc_node+0x110/0x110
[ 1755.132255]  ? up_write+0x191/0x550
[ 1755.132683]  ? down_write_killable+0x180/0x180
[ 1755.133220]  ? n_tty_open+0x16/0x170
[ 1755.133652]  __vmalloc_node+0xb5/0x110
[ 1755.134111]  ? n_tty_open+0x16/0x170
[ 1755.134550]  n_tty_open+0x16/0x170
[ 1755.135042]  ? n_tty_set_termios+0x1010/0x1010
[ 1755.136150]  tty_ldisc_open+0xa2/0x120
[ 1755.137211]  tty_ldisc_setup+0x90/0x100
[ 1755.138303]  tty_init_dev.part.0+0x1fa/0x610
[ 1755.139544]  ? pty_open+0x310/0x310
[ 1755.141098]  tty_init_dev+0x5b/0x80
[ 1755.142092]  ptmx_open+0x116/0x370
[ 1755.143074]  ? pty_open+0x310/0x310
[ 1755.144060]  chrdev_open+0x268/0x6e0
[ 1755.145762]  ? __unregister_chrdev+0x110/0x110
[ 1755.146972]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1755.147531]  do_dentry_open+0x4b7/0x1090
[ 1755.148009]  ? __unregister_chrdev+0x110/0x110
[ 1755.148544]  ? may_open+0x1e4/0x400
[ 1755.148972]  path_openat+0x19ba/0x2770
[ 1755.149447]  ? path_lookupat+0x860/0x860
[ 1755.149929]  ? lock_acquire+0x197/0x470
[ 1755.150399]  ? find_held_lock+0x2c/0x110
[ 1755.150892]  do_filp_open+0x190/0x3e0
[ 1755.151372]  ? may_open_dev+0xf0/0xf0
[ 1755.151826]  ? do_raw_spin_lock+0x121/0x260
[ 1755.152336]  ? rwlock_bug.part.0+0x90/0x90
[ 1755.152837]  ? _raw_spin_unlock+0x1a/0x30
[ 1755.153326]  ? alloc_fd+0x2e7/0x670
[ 1755.153762]  do_sys_openat2+0x171/0x4d0
[ 1755.154245]  ? build_open_flags+0x6f0/0x6f0
[ 1755.154747]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1755.155371]  ? wait_for_completion_io+0x270/0x270
[ 1755.155939]  __x64_sys_openat+0x13f/0x1f0
[ 1755.156428]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1755.156919]  ? ksys_write+0x1a9/0x260
[ 1755.157376]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1755.157985]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1755.158596]  do_syscall_64+0x33/0x40
[ 1755.159076]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1755.159674] RIP: 0033:0x7f05ed26ab19
[ 1755.160120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1755.162244] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1755.163175] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1755.164001] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1755.164831] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1755.165661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1755.166492] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1755.167407] CPU: 0 PID: 9345 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1755.167573] syz-executor.5: vmalloc: allocation failure: 9120 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[ 1755.168246] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1755.168252] Call Trace:
[ 1755.168266]  dump_stack+0x107/0x167
[ 1755.168281]  should_fail.cold+0x5/0xa
[ 1755.168297]  ? __alloc_file+0x21/0x320
[ 1755.168313]  should_failslab+0x5/0x20
[ 1755.168326]  kmem_cache_alloc+0x5b/0x310
[ 1755.168351]  __alloc_file+0x21/0x320
[ 1755.169636] ,cpuset=
[ 1755.170562]  alloc_empty_file+0x6d/0x170
[ 1755.170577]  path_openat+0xe6/0x2770
[ 1755.170594]  ? __lock_acquire+0x1657/0x5b00
[ 1755.170903] syz5
[ 1755.171339]  ? path_lookupat+0x860/0x860
[ 1755.171791] ,mems_allowed=0
[ 1755.172231]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1755.172245]  ? lock_acquire+0x197/0x470
[ 1755.172261]  ? find_held_lock+0x2c/0x110
[ 1755.172730] 
[ 1755.173185]  do_filp_open+0x190/0x3e0
[ 1755.173205]  ? may_open_dev+0xf0/0xf0
[ 1755.179142]  ? alloc_fd+0x2e7/0x670
[ 1755.179591]  ? lock_downgrade+0x6d0/0x6d0
[ 1755.180110]  ? do_raw_spin_lock+0x121/0x260
[ 1755.180639]  ? rwlock_bug.part.0+0x90/0x90
[ 1755.181166]  ? _raw_spin_unlock+0x1a/0x30
[ 1755.181671]  ? alloc_fd+0x2e7/0x670
[ 1755.182135]  do_sys_openat2+0x171/0x4d0
[ 1755.182624]  ? build_open_flags+0x6f0/0x6f0
[ 1755.183175]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1755.183768]  ? wait_for_completion_io+0x270/0x270
[ 1755.184367]  __x64_sys_openat+0x13f/0x1f0
[ 1755.184873]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1755.185394]  ? ksys_write+0x1a9/0x260
[ 1755.185865]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1755.186509]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1755.187161]  do_syscall_64+0x33/0x40
[ 1755.187617]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1755.188246] RIP: 0033:0x7f7574521b19
[ 1755.188705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1755.190953] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1755.191886] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1755.192762] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1755.193639] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1755.194514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1755.195406] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1755.196806] CPU: 1 PID: 9342 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1755.197647] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1755.198673] Call Trace:
[ 1755.199018]  dump_stack+0x107/0x167
[ 1755.199477]  warn_alloc.cold+0x95/0x18a
[ 1755.199976]  ? zone_watermark_ok_safe+0x260/0x260
[ 1755.200577]  ? slab_free_freelist_hook+0xa9/0x180
[ 1755.201181]  ? __get_vm_area_node+0x2cf/0x340
[ 1755.201741]  ? kasan_unpoison_shadow+0x33/0x50
[ 1755.202292]  ? __get_vm_area_node+0x262/0x340
[ 1755.202844]  __vmalloc_node_range+0x58f/0x9e0
[ 1755.203416]  ? n_tty_open+0x16/0x170
[ 1755.203890]  ? __vmalloc_node+0x110/0x110
[ 1755.204403]  ? up_write+0x191/0x550
[ 1755.204849]  ? down_write_killable+0x180/0x180
[ 1755.205418]  ? n_tty_open+0x16/0x170
[ 1755.205875]  __vmalloc_node+0xb5/0x110
[ 1755.206353]  ? n_tty_open+0x16/0x170
[ 1755.206821]  n_tty_open+0x16/0x170
[ 1755.207278]  ? n_tty_set_termios+0x1010/0x1010
[ 1755.207833]  tty_ldisc_open+0xa2/0x120
[ 1755.208315]  tty_ldisc_setup+0x90/0x100
[ 1755.208801]  tty_init_dev.part.0+0x1fa/0x610
[ 1755.209349]  ? pty_open+0x310/0x310
[ 1755.209784]  tty_init_dev+0x5b/0x80
[ 1755.210231]  ptmx_open+0x116/0x370
[ 1755.210677]  ? pty_open+0x310/0x310
[ 1755.211154]  chrdev_open+0x268/0x6e0
[ 1755.211618]  ? __unregister_chrdev+0x110/0x110
[ 1755.212188]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1755.212745]  do_dentry_open+0x4b7/0x1090
[ 1755.213223]  ? __unregister_chrdev+0x110/0x110
[ 1755.213745]  ? may_open+0x1e4/0x400
[ 1755.214178]  path_openat+0x19ba/0x2770
[ 1755.214640]  ? path_lookupat+0x860/0x860
[ 1755.215142]  ? lock_acquire+0x197/0x470
[ 1755.215598]  ? find_held_lock+0x2c/0x110
[ 1755.216082]  do_filp_open+0x190/0x3e0
[ 1755.216521]  ? may_open_dev+0xf0/0xf0
[ 1755.216971]  ? do_raw_spin_lock+0x121/0x260
[ 1755.217477]  ? rwlock_bug.part.0+0x90/0x90
[ 1755.217969]  ? _raw_spin_unlock+0x1a/0x30
[ 1755.218457]  ? alloc_fd+0x2e7/0x670
[ 1755.218899]  do_sys_openat2+0x171/0x4d0
[ 1755.219373]  ? build_open_flags+0x6f0/0x6f0
[ 1755.219868]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1755.220437]  ? wait_for_completion_io+0x270/0x270
[ 1755.220998]  __x64_sys_openat+0x13f/0x1f0
[ 1755.221485]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1755.221970]  ? ksys_write+0x1a9/0x260
[ 1755.222425]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1755.223043]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1755.223641]  do_syscall_64+0x33/0x40
[ 1755.224077]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1755.224671] RIP: 0033:0x7f05ed26ab19
[ 1755.225112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1755.227692] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1755.229350] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1755.230175] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1755.231011] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1755.231832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1755.232655] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1755.234321] Mem-Info:
[ 1755.234654] active_anon:55 inactive_anon:53369 isolated_anon:0
[ 1755.234654]  active_file:14509 inactive_file:72367 isolated_file:0
[ 1755.234654]  unevictable:0 dirty:648 writeback:0
[ 1755.234654]  slab_reclaimable:8855 slab_unreclaimable:63979
[ 1755.234654]  mapped:81931 shmem:662 pagetables:1556 bounce:0
[ 1755.234654]  free:93040 free_pcp:497 free_cma:0
[ 1755.237480] FAULT_INJECTION: forcing a failure.
[ 1755.237480] name failslab, interval 1, probability 0, space 0, times 0
[ 1755.238606] Node 0 active_anon:220kB inactive_anon:213476kB active_file:58036kB inactive_file:289468kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:327724kB dirty:2592kB writeback:0kB shmem:2648kB writeback_tmp:0kB kernel_stack:4512kB all_unreclaimable? no
[ 1755.239838] CPU: 0 PID: 9347 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1755.239846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1755.239850] Call Trace:
[ 1755.239865]  dump_stack+0x107/0x167
[ 1755.239881]  should_fail.cold+0x5/0xa
[ 1755.239898]  ? create_object.isra.0+0x3a/0xa20
[ 1755.242642] Node 0 
[ 1755.243405]  should_failslab+0x5/0x20
[ 1755.243419]  kmem_cache_alloc+0x5b/0x310
[ 1755.243436]  ? mark_held_locks+0x9e/0xe0
[ 1755.244477] DMA free:15908kB min:48kB low:60kB high:72kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1755.244705]  create_object.isra.0+0x3a/0xa20
[ 1755.245133] lowmem_reserve[]:
[ 1755.245568]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1755.245588]  kmem_cache_alloc_bulk+0x168/0x320
[ 1755.246166]  0
[ 1755.246379]  io_submit_sqes+0x6fe6/0x8610
[ 1755.246794]  1616
[ 1755.247317]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1755.247334]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1755.247794]  1616
[ 1755.250805]  ? lock_downgrade+0x6d0/0x6d0
[ 1755.250818]  ? find_held_lock+0x2c/0x110
[ 1755.250837]  ? io_submit_sqes+0x8610/0x8610
[ 1755.252221]  1616
[ 1755.252481]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1755.253817] 
[ 1755.254301]  ? wait_for_completion_io+0x270/0x270
[ 1755.254326]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1755.254585] Node 0 
[ 1755.255035]  ? vfs_write+0x354/0xb10
[ 1755.255049]  ? fput_many+0x2f/0x1a0
[ 1755.255066]  ? ksys_write+0x1a9/0x260
[ 1755.255382] DMA32 free:356252kB min:5116kB low:6768kB high:8420kB reserved_highatomic:0KB active_anon:220kB inactive_anon:213476kB active_file:58036kB inactive_file:289468kB unevictable:0kB writepending:2592kB present:2080640kB managed:1660468kB mlocked:0kB pagetables:6224kB bounce:0kB free_pcp:1988kB local_pcp:1068kB free_cma:0kB
[ 1755.255901]  ? __ia32_sys_read+0xb0/0xb0
[ 1755.256457] lowmem_reserve[]:
[ 1755.256694]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1755.256712]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1755.257198]  0
[ 1755.257661]  do_syscall_64+0x33/0x40
[ 1755.257680]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1755.258190]  0
[ 1755.258417] RIP: 0033:0x7fb7d3ecdb19
[ 1755.258439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1755.259017]  0
[ 1755.259196] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1755.259211] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1755.259223] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1755.259790]  0
[ 1755.260312] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1755.260322] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1755.260331] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1755.263068] FAULT_INJECTION: forcing a failure.
[ 1755.263068] name failslab, interval 1, probability 0, space 0, times 0
[ 1755.265475] 
[ 1755.265915] CPU: 0 PID: 9349 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1755.266347] Node 0 
[ 1755.266895] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1755.266903] Call Trace:
[ 1755.267522] DMA: 
[ 1755.267723]  dump_stack+0x107/0x167
[ 1755.267741]  should_fail.cold+0x5/0xa
[ 1755.268223] 1*4kB 
[ 1755.268789]  ? __kernfs_new_node+0xd4/0x860
[ 1755.269011] (U) 
[ 1755.269438]  should_failslab+0x5/0x20
[ 1755.269455]  kmem_cache_alloc+0x5b/0x310
[ 1755.271643] 0*8kB 
[ 1755.271800]  __kernfs_new_node+0xd4/0x860
[ 1755.272669] 0*16kB 
[ 1755.273517]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1755.273538]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1755.273556]  ? wait_for_completion_io+0x270/0x270
[ 1755.273575]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1755.273596]  kernfs_new_node+0x18d/0x250
[ 1755.274422] 1*32kB 
[ 1755.274631]  __kernfs_create_file+0x51/0x350
[ 1755.274649]  sysfs_add_file_mode_ns+0x221/0x560
[ 1755.275551] (U) 
[ 1755.276352]  internal_create_group+0x324/0xb30
[ 1755.276373]  ? sysfs_remove_group+0x170/0x170
[ 1755.277250] 2*64kB 
[ 1755.278491]  ? kernfs_add_one+0x124/0x4d0
[ 1755.278509]  ? kernfs_create_link+0x1b7/0x230
[ 1755.278528]  internal_create_groups.part.0+0x90/0x140
[ 1755.278742] (U) 
[ 1755.279557]  sysfs_create_groups+0x25/0x50
[ 1755.279572]  device_add+0x7a9/0x1c50
[ 1755.279592]  ? lockdep_init_map_type+0x2c7/0x780
[ 1755.279892] 1*128kB 
[ 1755.280844]  ? devlink_add_symlinks+0x970/0x970
[ 1755.280873]  netdev_register_kobject+0x17a/0x3b0
[ 1755.281233] (U) 
[ 1755.281430]  register_netdevice+0xd6e/0x1480
[ 1755.281832] 1*256kB 
[ 1755.282296]  ? netdev_change_features+0xb0/0xb0
[ 1755.282314]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1755.282337]  __tun_chr_ioctl+0x2156/0x3f60
[ 1755.282629] (U) 
[ 1755.283119]  ? lock_downgrade+0x6d0/0x6d0
[ 1755.283136]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1755.283157]  ? tun_chr_poll+0x700/0x700
[ 1755.283395] 0*512kB 
[ 1755.283840]  ? wait_for_completion_io+0x270/0x270
[ 1755.284312] 1*1024kB 
[ 1755.284567]  ? selinux_file_ioctl+0xb6/0x270
[ 1755.285041] (U) 
[ 1755.285308]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1755.285836] 1*2048kB 
[ 1755.286418]  __x64_sys_ioctl+0x19a/0x210
[ 1755.286434]  do_syscall_64+0x33/0x40
[ 1755.286451]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1755.287047] (M) 
[ 1755.287634] RIP: 0033:0x7f7955930b19
[ 1755.287656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1755.288194] 3*4096kB 
[ 1755.288378] RSP: 002b:00007f7952e85188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1755.288879] (M) 
[ 1755.289436] RAX: ffffffffffffffda RBX: 00007f7955a44020 RCX: 00007f7955930b19
[ 1755.289446] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000004
[ 1755.289455] RBP: 00007f7952e851d0 R08: 0000000000000000 R09: 0000000000000000
[ 1755.289468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1755.289753] = 15908kB
[ 1755.290241] R13: 00007fffc7f8b28f R14: 00007f7952e85300 R15: 0000000000022000
[ 1755.314296] Node 0 DMA32: 537*4kB (UME) 861*8kB (UME) 420*16kB (UME) 155*32kB (UME) 43*64kB (UME) 105*128kB (UME) 74*256kB (UM) 40*512kB (UM) 27*1024kB (UE) 17*2048kB (UM) 53*4096kB (UM) = 355884kB
[ 1755.316585] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1755.317614] 29257 total pagecache pages
[ 1755.318134] 0 pages in swap cache
[ 1755.318555] Swap cache stats: add 0, delete 0, find 0/0
[ 1755.319277] Free swap  = 0kB
[ 1755.319666] Total swap = 0kB
[ 1755.320067] 524158 pages RAM
[ 1755.320448] 0 pages HighMem/MovableOnly
[ 1755.320898] 105064 pages reserved
20:08:48 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 70)

20:08:48 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 4)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:08:48 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000002)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r6, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r2, 0x0)

20:08:48 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000002)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r6, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r2, 0x0)

20:08:48 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 16)

20:08:48 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 33)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:08:48 executing program 1:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
preadv(r0, &(0x7f0000000400)=[{&(0x7f0000000100)}, {&(0x7f0000000140)=""/23, 0x17}, {&(0x7f00000001c0)=""/253, 0xfd}, {&(0x7f0000000300)=""/87, 0x57}, {&(0x7f0000000380)=""/90, 0x5a}], 0x5, 0x2800, 0x5)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)={0x28, r5, 0x329, 0x0, 0x0, {{0x5}, {@void, @val={0x69}, @val={0xc}}}, [@NL80211_ATTR_VENDOR_SUBCMD, @NL80211_ATTR_VENDOR_ID, @NL80211_ATTR_VENDOR_ID, @NL80211_ATTR_VENDOR_DATA={0x0, 0xc5, "ef86d99f8a738f9bc1eff4449c1a3cf5884f6f3a4919b24912bc760428e53816c641e6f67c9079c1f2f52916d6ab84d556bf2b07cf5f319eaae3bff13cd0cfa48d2beac4ee39808a50525171151ef6be4b4ce783e807a69629cf02c5ea10825e24b541d1fafd8446f0e9800572517767fbc8fdc70156ed5ca5d726980e16fbf6a594e7dc717af0d99532c9c90dc955f715874d5cc1e98921aa2083c9b711b0f744f54b40411895e1df80af7fb964f0bb7cb641000a1322827d8a04c570c02ff85e95368f58ba59b53b9b107bd106b4aa9ebf827227374d827ae75ff40dbe9b756f5a1810b90dc2e3405b2ce9b46646ccb42d27bea4588b5baf49f767307c4c30d5cd73b6410683c73f0617e870a832c0b783be431f6b1330cf3706626df95067c7b8df83451dfa1a1581a2a4f0002a7f65f8a4f290c1d69200fa64de0a25da82bf3916586733e6eae78d52ad45ad0ea8e102b10b62b2b6b57b4a516e989b7f697762b9f3ce2e0a6b712f8536f98cea39cfa31f9b34bac2ba819b3d493169a6a002e6fb46ee1b017a3c95cb2dc61106c7f542f3b30f72fc2efb3f260511af858b0def5bb6e76e3d261faa96f3e6af4f252f7c136943187d65bf4b4d75b393183380cdd3e0a875c4a915b23575b89a76b2b9ee70ee56f69129cf991c499120ea59199437b228daf3fd8cff692059f2456ff5889fdb51add7297adb6fcd6786399b833a1d9744a38255ec269d14776497549796a4267d7eaaf2a99117c654fde549f2a03f427db2faa245b0d2fca57f17902a48b3ca67dd1c14aa57f4052e4b1bdacba2dbc7fa0267685a79f53ecefc04487aa3f9ab205d27981ab11f62bbdccafe2ebba23c7ff24e78a56f8fee89d49007b8e69d020d81771c27e833ad1b31a2b07bb59a9c2cad7cb4b0abb214f5b63ffd602eeecaa620baac5efb8607fd96b594f2df06e2ec8ffd4c814cb03b24086dd0d8f57343bd8e0467f521708103690d74da704e0d66c85f6d4e3f51c0c62afb14fb7d94d53796d169803b4b448cb3911c47a1cae16846d0265c98632a12e718ffe066f0f89bb1fc9e1d0fc921310aea896541c8e1f3e78eb6a92a5a29325841b551c43b28aa6726ffdff0ec0dd5a75df6e9ce25fde1d734e68eb90ce8cc09a783097412677aca35748aa4a5e0bb40f586ea43586cd72ac15c70d641a96b7518d008f2607f1f855d16b151e126bb1b2dda15ed593bb2a425669e3299900bed9c8282edfec2a793221dafabd1fce7d93c58bf976ae31f079b8d9eca8c23ae45b108a91fa82a5d023f7daf148abd3acf38fe37768755fe8c0aa139b0a9ccb50c3e9796a4eb6994a2457897d3ba49d7a371e43391e94172c7f975967b58690deea3dd17f90c82c82882e0098c89832a6dcbfefaf6c382f138100dff4b691255927a865e3a54d9546575cb66829e75d9977226ef3b1dd866d9d81c49b402b0d0812f190678aa0cfa714d4d02f79f0ebc4a8cc18225a5e39d6e103bb21565a4a84b5917e45abc7cf472010480aa039d09b762c11840273b426dc8c174f3c4fed301b0ea0e8a1eaa19af533c38dfa4a92fa4119b0a2589a523a2da493d4f65588b526fc470ba14d7ba5d96cef7b6f8ee8df0378f22c1307b75a23567ce82a8777cff6a67a17262d2c03b1c46e592cfba6fc9207cab84e6a22dc56b9af6a45258b93e17b2a13021a8b325252453591364a9800a6c5239e06b5be31aeae726c1441e68ab29cbd193f6c3e9e4215dca29739ab09f1e92b296393044dd328cbca17e39696a2b2ce9c16aa3abe56f08865267a80a266d66651c406951b2f71717bec37d47684a1b627fda676a40cd3db9360619def50a8a548610d459df9b8d53b86538b75e873f17fbdc796ed89077fe59f1583967a1b9af3c25c3c5995e9ce4d4158521b743280939c3ec3e0ce6d13d14f508be8a152bd76b1292a866fd669308d602715a6360464d340d49a1ba3a2a5c3b00e948599396b8f6afef432487039fc5f8357440033529aa46aa16c00b746264b8718554aaf9df39fc82988c1d263c3a30879a286e0c0406278adc1debd7cb0d73e7182da0fb6cd44cd98cc457ede91e5245028c5a51fb88fe7d01ca96b923a81d5ac06ac136b4b3fe5e7782ece9eed7b94bb9483e3adcf33b70c18c461679db4e7167a1a1b43ec0f6ad4d1f1fb2520873e6a1bd1151ceb1e3aeca49cad2609566ee2c9bdc04a4f1a261e0d748952244f4bdbb0d0497d64e39563ae82817d6e2d304b5597e039aec158a7cd7dbe110ae84d3c0c6db0d89908a3890ffe13b59aeadf747a67f45e29f9cc45a559ad3eee57738d8908ed6e36683dff668f505a1c5218e32dd880529eba31d8553cf9fce05865a002db34f12ad68b0f3c3cf8aa1a87c5af68c802b706b180f6b8ab3d0723665685b94dfc8a4f8e850bed16bc1cf6cdf4123a54ef8b227a802d4196c51305660e3ab89e7b4d32631e3a7837b50db760e89d4254e8bcc702a33e5d04c3f319fa787c261dd230975ee1ba45c15bba45ea1dac765cc25dc09b8a70ab731996e3319662409d2c35cf2e61cd2a0783217fb887e53f4f6f1bc2a95fe99b2708b167efd1218f76d6ffb67db87823da27109bdf593dc4dbf9ad007921789c6a5c9960f4b3d2fe2423f6d3d97fafa855e2e48b8b9ab40262bf84ef3e23c2fa8179ffed6f516426308fe20490add92980ed1da07c36c4262e514e7b8bf627b84bbad6bda7c7f1572f583e1a35a7baefd512891273eeefbb9ddef75d672010e8fa7a4a026ca339d1e96baee5da924f53cc8c8c67bf4ef7e876c4bda36a14f4e24647498d2dd3aa483eb9c2dbf714abc0e43c98c313fa93c3f1f9faa821574082f871a15d3ab82cad85a7735131a40f3f044afa3e9102ddc6c5bbc5d05f787a7c18251f6d4e53b023671d02c049494c4f58ffca7e21a3293c4043e97a9cb72e0298d615069418b0bae45f279baa896c92f6b933334d9be7cda2e2122fac652096e279049c208aedc1a889b8d0c7753a3d0dc1ea4e481b3dfd19681ff64eae5191937b137bb9f5b685177faaa32a1ad86fa7b783465c521b21e68adf0c2aaebb5db2e3015cfc47f7946fabb63200ff94ba39b928f3ede32d993758f70f62ed6538ade62d716fbffb4d7c76680ff0f0201f0cb01534e1e12da1d6478598b2104799010b6ad3db4cc800c5d4fb15e1598b743290539b96010172d881587d0ddf69d8cae12ce128b40d6ef8f314d13330838d8ba29c3922ea20e4b03cae34e2286cba7c1b7e508516cc2bc3500b54656b558138352bed51608e0512f23f8d40769ae3046bf5207c5c6bb7b79d864c98c73f65b7969d85ef316b05a391263a3ee8d66166e9c32dbbc9b205afe379611156baf1e2acbeeea9cd014a84065a546b3810bd46a4b52be4ba5bdb194f374e580bc85914c4eadc03af24f5f4334253f303b5ff68591f73277dd191f8e6414cc492d28574d37ed0a63a0cd38e0cbc2f53798c0f06d31a2db7b0d141bd3e2cd08f1295bb2b9261a90c13c25e0cf1559623c3fab188fcad748656176e21c84c26468b49d8861ebbe71a9f62f6521440771c0911c73f194dfb63976820cb16ab9e24c8bf3efb5403a0d0186fab4de0408bf144298e07c5b508dc6ccc1a505f2278c7217c3946f8732daf8cff32e070f365795a4d9bc871c259b10bb8bcced5ce3691ec477f2f9d3f192b00105da1b235a7a3e95a37d768e3d84e0bdef0bd26e257ee4e27eaac51285430899087c175b3d8e98bc2d327020a0d4259f0785796c6939db78779ad1112d6cf1de6ac2ef2c9d3f5861e613f39db8ee4b45a09451bdeecdd6f96bca89b9c6d0f0f4b84841b15edb1f539c50e796faf6b93fbb55d46ed83a49db699c0f1215238f5bdeab9dd346b7ed0b429363f0e2baeb298d9ddb7a47fb0fc2392691c4309d6a1880de8f0c476c4f1d8fcbb876ba83f0233d2a218565166b0b34b70581d3bde8120af79c2160e8b8a015d2518c56350cb65ec11b5e0417c2163263e1cfaa6ea0a0e9251d5e7d4991eca8d44a1dc5e6a679dc517db96e4cef4de703c1c0d685ac27e814e1752dc060bc502605c8e67cd287f1950c68378d82766d5da739216b26ef08f3d5b5bc4804b0893f61ab1bd7afca553d7ccca29343f1cfb0852ff6b7dd06f037a9714071a289a8be5a2418f233ac5ae39a54f629b34ebc5f7ccbfbac05fb9fd9a6b460dc5a3c10da67bc94826c104fb67fd7c27346ce72c61cd68097c7cde7fbbb7ab48cbb54b0d3e761d060c94c0c739f11b9c674739d8fe210b01cac3a89d1d101ba78366eb9beb888f6a87b84370f42a4d9919a7875dc03a6811d24be5c1df5e47b9caf2bfca2e8a75c4ecbfd2eded9692952111452cff86c1c177132972dd775c140566d2fc12eb91810d0168305a9dfc3e5fe2e7409bf098e6fddd6dffe96852a2edd0bc0d998a17710fc2e349a7e9a57794b54ab05673fd5e703cd3bcf9914284ccf1a57eab9f7c6e738e8950ee5fd422f60c844f9c7948513a7a3f95d4db22438381dad57cdaacb067268d2de948cdb5f351a7ca2914bb6c9f439877507f4ce34be56cc32eeba50dc69f4077148cc3345bfd9e6d5eced009d1b758d6612bd655b307301e3e7bdaaa636cf53616824b38f0432ef81e415cec13f330efca03c5111275a86902c9bfffb614dcfdb8ebfce9072a13943777e58e79c33cc78c0a17ff8e436c85c73fd9d3a5ce014318bcd1ec47818c80bb4fecbebaaaaa8ccb12021175e54a7b5bfda260841ffcf73a81f70d1038f93c0855e57832851f41312f04c12038dfa2d7f7a8c7f921a000083fb9c963a12c2c55a6b5f5f230626d0bcdf8210196126fd92bd75e29d618e562e9d2bea62017e39b964666687210db26c6247d31b089d8f178c7b2c8d83f57716bbfe138520206f18a330772e5b7db453c14c3b1c8641816a77c88950e6ce94de3e8251ab2cb4736b0f2576cc72e7dd26051437f54918488107c4af6871b20933b451a94c00248612de7487ad2706fcd2a8965619acf04aa6fd08016e9916a85097660460e4ba035c284704f701267690ef9c29cc827ca0ff0c01c5f8ebe94c508315c6c756fde533f394640844dbcfab4059da1928ecb06c845f9438b61e48dd6ae6958afbe38ac570f7d342cbd1a0746298a740bc4d4b487c06d2075f6037b7eb81e68a786afdd30197b13eef38f6e5fe984bc136b4ab6cb6ba2b5c51e4003ae53194246c301f6aaed5e714358f66cbf0de825791c3adf2d274367c0b27b6923048450290115c98a6fb59036c818bfc41eadc1e45f9b8108fb32ca662f6fb4faa3a9890c88ba8c03f5fcb578bb667a9068a516b03166e6a32f75e5e6180ccda693475003942e0dd071b6b5361ceffbb57ed8ac6fa57f131dde4e7f07f059a88ae08cb71964e82955cc6fd3af60f1e9c1fcb255b2c17a9bdac04b1f8ff736f42c3345b03b358688effa91d3a8552fc09b6de453ac939e4a2dd9acb345ba543f45fd05d0c09aad0c53a469fc846b3bf842f7c0ef0118c0f25c46c592012a65f6043f20a4979ffc5c9a163a306d3d820d837e4661d53d5ddfb703bf4915220c4c303c21064894268aa38a264d5051e96205bfd90e8cc21f0f991b717e7e3a837853cc1e111ea52490b49559c87711e39a7df424bd3fcbd91d725268e73036d058698d724eee10b532370eed633cc33b2dad1ba54fab7c51e663622fd2ce6e2e405d5f0ed53ea3ccfd2d1997f806c14ed2e223c507d9dc95a6d5834a8ef48d8e5bbba6a72aae7697095615512436d3459"}, @NL80211_ATTR_VENDOR_SUBCMD, @NL80211_ATTR_VENDOR_ID, @NL80211_ATTR_VENDOR_ID, @NL80211_ATTR_VENDOR_DATA={0x0, 0xc5, "29a51bfbda6f52af128eed8e85b05b5f2b465e504cc2176547f33a5778ec8ab5ea0afd5350cdce3bb439dfef0456eb33dcf3aa14e9386cc9645a4788364efd6cbe8dc51affd2cb665b8fef1f28a3edfeacbd1a3808d18fd543396d22cb041ddedc39503aaeed09ccdb1bf44dfb0107f1878bcb56e760f164f9e2b8841c9a1de4019e5f369ac6121c5cfbe8a8d62529c5cdc43dfa91926ed7647dacf952031ee4995ba28d770add9b4b2817cd6e980c65dfc02ad630cd3c1d3632bc4caed5e357487f17982fa24608168aa723a71e76683fe18ffa610068b1371571d3d527a59789b8a39f7aff488dfb7539698304966d7aeddd5cd8f959293ea299"}, @NL80211_ATTR_VENDOR_ID]}, 0x28}}, 0x0)
readv(r4, &(0x7f0000000040)=[{&(0x7f0000000100)=""/43, 0x2b}], 0x1)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r7, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r6, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:08:48 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 32)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1755.359424] FAULT_INJECTION: forcing a failure.
[ 1755.359424] name failslab, interval 1, probability 0, space 0, times 0
[ 1755.360982] CPU: 0 PID: 9339 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1755.361810] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1755.362835] Call Trace:
[ 1755.363196]  dump_stack+0x107/0x167
[ 1755.363654]  should_fail.cold+0x5/0xa
[ 1755.364140]  ? __kernfs_new_node+0xd4/0x860
[ 1755.364710]  should_failslab+0x5/0x20
[ 1755.365213]  kmem_cache_alloc+0x5b/0x310
[ 1755.365748]  __kernfs_new_node+0xd4/0x860
[ 1755.366278]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1755.366984]  ? kernfs_add_one+0x124/0x4d0
[ 1755.367542]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1755.368173]  ? lock_acquire+0x197/0x470
[ 1755.368702]  ? find_held_lock+0x2c/0x110
[ 1755.369250]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1755.369895]  kernfs_new_node+0x18d/0x250
[ 1755.370442]  kernfs_create_link+0xcb/0x230
[ 1755.371030]  sysfs_do_create_link_sd+0x90/0x140
[ 1755.371655]  sysfs_create_link+0x5f/0xc0
[ 1755.372200]  device_add+0x5e1/0x1c50
[ 1755.372699]  ? lockdep_init_map_type+0x2c7/0x780
[ 1755.373329]  ? devlink_add_symlinks+0x970/0x970
[ 1755.373962]  netdev_register_kobject+0x17a/0x3b0
[ 1755.374600]  register_netdevice+0xd6e/0x1480
[ 1755.375221]  ? netdev_change_features+0xb0/0xb0
[ 1755.375849]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1755.376432]  __tun_chr_ioctl+0x2156/0x3f60
[ 1755.377001]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1755.377697]  ? tun_chr_poll+0x700/0x700
[ 1755.378232]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1755.379013]  ? security_file_ioctl+0x6c/0xb0
[ 1755.379604]  ? __sanitizer_cov_trace_pc+0x30/0x60
[ 1755.380249]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1755.380853]  __x64_sys_ioctl+0x19a/0x210
[ 1755.381401]  do_syscall_64+0x33/0x40
[ 1755.381898]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1755.382581] RIP: 0033:0x7fc68ced6b19
[ 1755.383088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1755.385474] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1755.386463] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1755.387419] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1755.388345] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1755.389230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1755.390174] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1755.443368] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1755.462395] ptm ptm0: ldisc open failed (-12), clearing slot 0
20:08:48 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 33)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:08:48 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 17)

20:08:48 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 71)

20:08:48 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 5)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:08:48 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 34)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1755.627673] FAULT_INJECTION: forcing a failure.
[ 1755.627673] name failslab, interval 1, probability 0, space 0, times 0
[ 1755.629274] CPU: 1 PID: 9364 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1755.630195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1755.631281] Call Trace:
[ 1755.631594]  dump_stack+0x107/0x167
[ 1755.632023]  should_fail.cold+0x5/0xa
[ 1755.632465]  ? create_object.isra.0+0x3a/0xa20
[ 1755.632996]  should_failslab+0x5/0x20
[ 1755.633456]  kmem_cache_alloc+0x5b/0x310
[ 1755.633951]  ? tty_ldisc_setup+0x90/0x100
[ 1755.634448]  ? tty_init_dev.part.0+0x1fa/0x610
[ 1755.635024]  create_object.isra.0+0x3a/0xa20
[ 1755.635617]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1755.636298]  kmem_cache_alloc_node+0x169/0x330
[ 1755.636926]  alloc_vmap_area+0x148/0x1d10
[ 1755.637179] FAULT_INJECTION: forcing a failure.
[ 1755.637179] name failslab, interval 1, probability 0, space 0, times 0
[ 1755.637478]  ? kmem_cache_alloc_node_trace+0x16d/0x340
[ 1755.637497]  ? mark_held_locks+0x9e/0xe0
[ 1755.640217]  ? purge_vmap_area_lazy+0xc0/0xc0
[ 1755.640822]  ? kasan_unpoison_shadow+0x33/0x50
[ 1755.641439]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1755.642130]  __get_vm_area_node+0x127/0x340
[ 1755.642718]  __vmalloc_node_range+0x13f/0x9e0
[ 1755.643330]  ? n_tty_open+0x16/0x170
[ 1755.643855]  ? n_tty_open+0x16/0x170
[ 1755.644389]  ? __vmalloc_node+0x110/0x110
[ 1755.644973]  ? up_write+0x191/0x550
[ 1755.645486]  ? down_write_killable+0x180/0x180
[ 1755.646131]  ? n_tty_open+0x16/0x170
[ 1755.646654]  __vmalloc_node+0xb5/0x110
[ 1755.647149]  ? n_tty_open+0x16/0x170
[ 1755.647582]  n_tty_open+0x16/0x170
[ 1755.647992]  ? n_tty_set_termios+0x1010/0x1010
[ 1755.648517]  tty_ldisc_open+0xa2/0x120
[ 1755.648966]  tty_ldisc_setup+0x90/0x100
[ 1755.649425]  tty_init_dev.part.0+0x1fa/0x610
[ 1755.649934]  ? pty_open+0x310/0x310
[ 1755.650352]  tty_init_dev+0x5b/0x80
[ 1755.650774]  ptmx_open+0x116/0x370
[ 1755.651237]  ? pty_open+0x310/0x310
[ 1755.651730]  chrdev_open+0x268/0x6e0
[ 1755.652232]  ? __unregister_chrdev+0x110/0x110
[ 1755.652849]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1755.653482]  do_dentry_open+0x4b7/0x1090
[ 1755.654029]  ? __unregister_chrdev+0x110/0x110
[ 1755.654644]  ? may_open+0x1e4/0x400
[ 1755.655138]  path_openat+0x19ba/0x2770
[ 1755.655670]  ? path_lookupat+0x860/0x860
[ 1755.656219]  ? lock_acquire+0x197/0x470
[ 1755.656754]  ? find_held_lock+0x2c/0x110
[ 1755.657318]  do_filp_open+0x190/0x3e0
[ 1755.657828]  ? may_open_dev+0xf0/0xf0
[ 1755.658351]  ? do_raw_spin_lock+0x121/0x260
[ 1755.658949]  ? rwlock_bug.part.0+0x90/0x90
[ 1755.659443]  ? _raw_spin_unlock+0x1a/0x30
[ 1755.659922]  ? alloc_fd+0x2e7/0x670
[ 1755.660352]  do_sys_openat2+0x171/0x4d0
[ 1755.660814]  ? build_open_flags+0x6f0/0x6f0
[ 1755.661312]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1755.661874]  ? wait_for_completion_io+0x270/0x270
[ 1755.662439]  __x64_sys_openat+0x13f/0x1f0
[ 1755.662926]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1755.663486]  ? ksys_write+0x1a9/0x260
[ 1755.664004]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1755.664715]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1755.665413]  do_syscall_64+0x33/0x40
[ 1755.665916]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1755.666610] RIP: 0033:0x7f05ed26ab19
[ 1755.667095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1755.669209] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1755.670087] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1755.670917] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1755.671877] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1755.672835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1755.673795] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1755.674779] CPU: 0 PID: 9357 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1755.675602] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1755.676580] Call Trace:
[ 1755.676886]  dump_stack+0x107/0x167
[ 1755.677308]  should_fail.cold+0x5/0xa
[ 1755.677749]  ? create_object.isra.0+0x3a/0xa20
[ 1755.678284]  should_failslab+0x5/0x20
[ 1755.678723]  kmem_cache_alloc+0x5b/0x310
[ 1755.683212]  create_object.isra.0+0x3a/0xa20
[ 1755.683742]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1755.684355]  kmem_cache_alloc+0x159/0x310
[ 1755.684862]  __kernfs_new_node+0xd4/0x860
[ 1755.685366]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1755.685940]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1755.686496]  ? wait_for_completion_io+0x270/0x270
[ 1755.687068]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1755.687676]  kernfs_new_node+0x18d/0x250
[ 1755.688145]  __kernfs_create_file+0x51/0x350
[ 1755.688654]  sysfs_add_file_mode_ns+0x221/0x560
[ 1755.689194]  internal_create_group+0x324/0xb30
[ 1755.689723]  ? sysfs_remove_group+0x170/0x170
[ 1755.690239]  ? kernfs_add_one+0x124/0x4d0
[ 1755.690717]  ? kernfs_create_link+0x1b7/0x230
[ 1755.691282]  internal_create_groups.part.0+0x90/0x140
[ 1755.691945]  sysfs_create_groups+0x25/0x50
[ 1755.692488]  device_add+0x7a9/0x1c50
[ 1755.692969]  ? lockdep_init_map_type+0x2c7/0x780
[ 1755.693544]  ? devlink_add_symlinks+0x970/0x970
[ 1755.694086]  netdev_register_kobject+0x17a/0x3b0
[ 1755.694635]  register_netdevice+0xd6e/0x1480
[ 1755.695154]  ? netdev_change_features+0xb0/0xb0
[ 1755.695693]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1755.696197]  __tun_chr_ioctl+0x2156/0x3f60
[ 1755.696686]  ? lock_downgrade+0x6d0/0x6d0
[ 1755.697164]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1755.697719]  ? tun_chr_poll+0x700/0x700
[ 1755.698178]  ? wait_for_completion_io+0x270/0x270
[ 1755.698740]  ? selinux_file_ioctl+0xb6/0x270
[ 1755.699277]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1755.699794]  __x64_sys_ioctl+0x19a/0x210
[ 1755.700263]  do_syscall_64+0x33/0x40
[ 1755.700691]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1755.701279] RIP: 0033:0x7f7955930b19
[ 1755.701707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1755.703823] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1755.704695] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1755.705513] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1755.706330] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1755.711170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1755.711984] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1755.729642] FAULT_INJECTION: forcing a failure.
[ 1755.729642] name failslab, interval 1, probability 0, space 0, times 0
[ 1755.735020] CPU: 0 PID: 9362 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1755.735802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1755.736752] Call Trace:
[ 1755.737059]  dump_stack+0x107/0x167
[ 1755.737481]  should_fail.cold+0x5/0xa
[ 1755.737921]  ? create_object.isra.0+0x3a/0xa20
[ 1755.738451]  should_failslab+0x5/0x20
[ 1755.738901]  kmem_cache_alloc+0x5b/0x310
[ 1755.739386]  ? mark_held_locks+0x9e/0xe0
[ 1755.739858]  create_object.isra.0+0x3a/0xa20
[ 1755.740368]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1755.740957]  kmem_cache_alloc_bulk+0x168/0x320
[ 1755.741492]  io_submit_sqes+0x6fe6/0x8610
[ 1755.741992]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1755.742567]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1755.743166]  ? lock_downgrade+0x6d0/0x6d0
[ 1755.743644]  ? find_held_lock+0x2c/0x110
[ 1755.744115]  ? io_submit_sqes+0x8610/0x8610
[ 1755.744620]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1755.745177]  ? wait_for_completion_io+0x270/0x270
[ 1755.745735]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1755.746269]  ? vfs_write+0x354/0xb10
[ 1755.746698]  ? fput_many+0x2f/0x1a0
[ 1755.751143]  ? ksys_write+0x1a9/0x260
[ 1755.751591]  ? __ia32_sys_read+0xb0/0xb0
[ 1755.752068]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1755.752676]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1755.753271]  do_syscall_64+0x33/0x40
[ 1755.753534] FAULT_INJECTION: forcing a failure.
[ 1755.753534] name failslab, interval 1, probability 0, space 0, times 0
[ 1755.753702]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1755.755552] RIP: 0033:0x7fb7d3ecdb19
[ 1755.755982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1755.758089] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1755.758978] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1755.759799] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1755.760620] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1755.761440] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1755.762261] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1755.763125] CPU: 1 PID: 9358 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1755.763925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1755.764880] Call Trace:
[ 1755.765185]  dump_stack+0x107/0x167
[ 1755.765606]  should_fail.cold+0x5/0xa
[ 1755.766047]  ? create_object.isra.0+0x3a/0xa20
[ 1755.766575]  should_failslab+0x5/0x20
[ 1755.767033]  kmem_cache_alloc+0x5b/0x310
[ 1755.767506]  create_object.isra.0+0x3a/0xa20
[ 1755.768015]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1755.768603]  kmem_cache_alloc+0x159/0x310
[ 1755.769088]  __alloc_file+0x21/0x320
[ 1755.769518]  alloc_empty_file+0x6d/0x170
[ 1755.769988]  path_openat+0xe6/0x2770
[ 1755.770417]  ? __lock_acquire+0x1657/0x5b00
[ 1755.774949]  ? path_lookupat+0x860/0x860
[ 1755.775424]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1755.776024]  ? SOFTIRQ_verbose+0x10/0x10
[ 1755.776488]  ? find_held_lock+0x2c/0x110
[ 1755.776963]  do_filp_open+0x190/0x3e0
[ 1755.777399]  ? may_open_dev+0xf0/0xf0
[ 1755.777840]  ? alloc_fd+0x2e7/0x670
[ 1755.778259]  ? lock_downgrade+0x6d0/0x6d0
[ 1755.778737]  ? do_raw_spin_lock+0x121/0x260
[ 1755.779249]  ? rwlock_bug.part.0+0x90/0x90
[ 1755.779741]  ? _raw_spin_unlock+0x1a/0x30
[ 1755.780217]  ? alloc_fd+0x2e7/0x670
[ 1755.780643]  do_sys_openat2+0x171/0x4d0
[ 1755.781103]  ? build_open_flags+0x6f0/0x6f0
[ 1755.781598]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1755.782157]  ? wait_for_completion_io+0x270/0x270
[ 1755.782719]  __x64_sys_openat+0x13f/0x1f0
[ 1755.783216]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1755.783702]  ? ksys_write+0x1a9/0x260
[ 1755.784146]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1755.784748]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1755.785342]  do_syscall_64+0x33/0x40
[ 1755.785772]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1755.786359] RIP: 0033:0x7f7574521b19
[ 1755.786787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1755.788906] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1755.789777] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1755.790596] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1755.791426] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1755.792245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1755.793065] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
20:08:49 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 18)

[ 1755.867032] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1755.869524] FAULT_INJECTION: forcing a failure.
[ 1755.869524] name failslab, interval 1, probability 0, space 0, times 0
[ 1755.870920] CPU: 0 PID: 9360 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1755.871758] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1755.872762] Call Trace:
[ 1755.873091]  dump_stack+0x107/0x167
[ 1755.873537]  should_fail.cold+0x5/0xa
[ 1755.874024]  ? create_object.isra.0+0x3a/0xa20
[ 1755.874607]  should_failslab+0x5/0x20
[ 1755.891118]  kmem_cache_alloc+0x5b/0x310
[ 1755.891615]  create_object.isra.0+0x3a/0xa20
[ 1755.892147]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1755.892763]  __kmalloc_track_caller+0x177/0x370
[ 1755.893326]  ? kstrdup_const+0x53/0x80
[ 1755.893800]  kstrdup+0x36/0x70
[ 1755.894191]  kstrdup_const+0x53/0x80
[ 1755.894648]  __kernfs_new_node+0x9d/0x860
[ 1755.895168]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1755.895805]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1755.896383]  ? lock_acquire+0x197/0x470
[ 1755.896863]  ? find_held_lock+0x2c/0x110
[ 1755.897358]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1755.897944]  kernfs_new_node+0x18d/0x250
[ 1755.898439]  kernfs_create_link+0xcb/0x230
[ 1755.898963]  sysfs_do_create_link_sd+0x90/0x140
[ 1755.899532]  sysfs_create_link+0x5f/0xc0
[ 1755.900027]  device_add+0x703/0x1c50
[ 1755.900480]  ? lockdep_init_map_type+0x2c7/0x780
[ 1755.901052]  ? devlink_add_symlinks+0x970/0x970
[ 1755.901625]  netdev_register_kobject+0x17a/0x3b0
[ 1755.902201]  register_netdevice+0xd6e/0x1480
[ 1755.902738]  ? netdev_change_features+0xb0/0xb0
[ 1755.903314]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1755.903844]  __tun_chr_ioctl+0x2156/0x3f60
[ 1755.904359]  ? lock_downgrade+0x6d0/0x6d0
[ 1755.904865]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1755.905448]  ? tun_chr_poll+0x700/0x700
[ 1755.905931]  ? wait_for_completion_io+0x270/0x270
[ 1755.906523]  ? selinux_file_ioctl+0xb6/0x270
[ 1755.923112]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1755.923707]  __x64_sys_ioctl+0x19a/0x210
[ 1755.924245]  do_syscall_64+0x33/0x40
[ 1755.924737]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1755.925398] RIP: 0033:0x7fc68ced6b19
[ 1755.925863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1755.928135] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1755.929054] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1755.929938] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1755.930842] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1755.931712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1755.932642] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1755.993833] FAULT_INJECTION: forcing a failure.
[ 1755.993833] name failslab, interval 1, probability 0, space 0, times 0
[ 1755.995440] CPU: 0 PID: 9374 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1755.996278] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1755.997278] Call Trace:
[ 1755.997604]  dump_stack+0x107/0x167
[ 1755.998046]  should_fail.cold+0x5/0xa
[ 1755.998511]  ? create_object.isra.0+0x3a/0xa20
[ 1755.999081]  should_failslab+0x5/0x20
[ 1755.999544]  kmem_cache_alloc+0x5b/0x310
[ 1756.000036]  ? mark_held_locks+0x9e/0xe0
[ 1756.000530]  create_object.isra.0+0x3a/0xa20
[ 1756.001063]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1756.001681]  kmem_cache_alloc_bulk+0x168/0x320
[ 1756.002239]  io_submit_sqes+0x6fe6/0x8610
[ 1756.002760]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1756.003383]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1756.003970]  ? lock_downgrade+0x6d0/0x6d0
[ 1756.004471]  ? find_held_lock+0x2c/0x110
[ 1756.004967]  ? io_submit_sqes+0x8610/0x8610
[ 1756.005500]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1756.006087]  ? wait_for_completion_io+0x270/0x270
[ 1756.006676]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1756.007258]  ? vfs_write+0x354/0xb10
[ 1756.007710]  ? fput_many+0x2f/0x1a0
[ 1756.008152]  ? ksys_write+0x1a9/0x260
[ 1756.008615]  ? __ia32_sys_read+0xb0/0xb0
[ 1756.009110]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1756.009745]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1756.010371]  do_syscall_64+0x33/0x40
[ 1756.010822]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1756.011459] RIP: 0033:0x7fb7d3ecdb19
[ 1756.011911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1756.014131] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1756.015065] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1756.015931] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1756.016794] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1756.017656] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1756.018520] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
20:08:49 executing program 1:
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3065ec5e, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:08:49 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 6)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:08:49 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 35)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:08:49 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 72)

[ 1756.106542] FAULT_INJECTION: forcing a failure.
[ 1756.106542] name failslab, interval 1, probability 0, space 0, times 0
[ 1756.108147] CPU: 1 PID: 9379 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1756.108980] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1756.109984] Call Trace:
[ 1756.110312]  dump_stack+0x107/0x167
[ 1756.110757]  should_fail.cold+0x5/0xa
[ 1756.111240]  ? kmemleak_scan_area+0xa6/0x360
[ 1756.111779]  should_failslab+0x5/0x20
[ 1756.112242]  kmem_cache_alloc+0x5b/0x310
[ 1756.112741]  kmemleak_scan_area+0xa6/0x360
[ 1756.113260]  alloc_vmap_area+0x171/0x1d10
[ 1756.113764]  ? kmem_cache_alloc_node_trace+0x16d/0x340
[ 1756.114407]  ? mark_held_locks+0x9e/0xe0
[ 1756.114915]  ? purge_vmap_area_lazy+0xc0/0xc0
[ 1756.115471]  ? kasan_unpoison_shadow+0x33/0x50
[ 1756.116027]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1756.116646]  __get_vm_area_node+0x127/0x340
[ 1756.117174]  __vmalloc_node_range+0x13f/0x9e0
[ 1756.117719]  ? n_tty_open+0x16/0x170
[ 1756.118169]  ? n_tty_open+0x16/0x170
[ 1756.118628]  ? __vmalloc_node+0x110/0x110
[ 1756.119149]  ? up_write+0x191/0x550
[ 1756.119453] FAULT_INJECTION: forcing a failure.
[ 1756.119453] name failslab, interval 1, probability 0, space 0, times 0
[ 1756.119597]  ? down_write_killable+0x180/0x180
[ 1756.121470]  ? n_tty_open+0x16/0x170
[ 1756.121923]  __vmalloc_node+0xb5/0x110
[ 1756.122415]  ? n_tty_open+0x16/0x170
[ 1756.122869]  n_tty_open+0x16/0x170
[ 1756.127323]  ? n_tty_set_termios+0x1010/0x1010
[ 1756.127874]  tty_ldisc_open+0xa2/0x120
[ 1756.128347]  tty_ldisc_setup+0x90/0x100
[ 1756.128827]  tty_init_dev.part.0+0x1fa/0x610
[ 1756.129360]  ? pty_open+0x310/0x310
[ 1756.129799]  tty_init_dev+0x5b/0x80
[ 1756.130240]  ptmx_open+0x116/0x370
[ 1756.130672]  ? pty_open+0x310/0x310
[ 1756.131130]  chrdev_open+0x268/0x6e0
[ 1756.131582]  ? __unregister_chrdev+0x110/0x110
[ 1756.132138]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1756.132708]  do_dentry_open+0x4b7/0x1090
[ 1756.133202]  ? __unregister_chrdev+0x110/0x110
[ 1756.133754]  ? may_open+0x1e4/0x400
[ 1756.134196]  path_openat+0x19ba/0x2770
[ 1756.134675]  ? path_lookupat+0x860/0x860
[ 1756.135182]  ? lock_acquire+0x197/0x470
[ 1756.135663]  ? find_held_lock+0x2c/0x110
[ 1756.136163]  do_filp_open+0x190/0x3e0
[ 1756.136623]  ? may_open_dev+0xf0/0xf0
[ 1756.137093]  ? do_raw_spin_lock+0x121/0x260
[ 1756.137616]  ? rwlock_bug.part.0+0x90/0x90
[ 1756.138132]  ? _raw_spin_unlock+0x1a/0x30
[ 1756.138633]  ? alloc_fd+0x2e7/0x670
[ 1756.139099]  do_sys_openat2+0x171/0x4d0
[ 1756.139584]  ? build_open_flags+0x6f0/0x6f0
[ 1756.140106]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1756.140693]  ? wait_for_completion_io+0x270/0x270
[ 1756.141282]  __x64_sys_openat+0x13f/0x1f0
[ 1756.141782]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1756.142293]  ? ksys_write+0x1a9/0x260
[ 1756.142759]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1756.143403]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1756.144029]  do_syscall_64+0x33/0x40
[ 1756.144480]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1756.145101] RIP: 0033:0x7f05ed26ab19
[ 1756.145552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1756.151791] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1756.152709] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1756.153568] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1756.154463] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1756.155356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1756.156216] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1756.157101] CPU: 0 PID: 9380 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1756.157653] kmemleak: Cannot allocate a scan area, scanning the full object
[ 1756.157932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1756.157936] Call Trace:
[ 1756.157949]  dump_stack+0x107/0x167
[ 1756.157962]  should_fail.cold+0x5/0xa
[ 1756.157981]  ? __kernfs_new_node+0xd4/0x860
[ 1756.157995]  should_failslab+0x5/0x20
[ 1756.158006]  kmem_cache_alloc+0x5b/0x310
[ 1756.158024]  __kernfs_new_node+0xd4/0x860
[ 1756.158040]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1756.158057]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1756.158073]  ? wait_for_completion_io+0x270/0x270
[ 1756.158088]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1756.165642]  kernfs_new_node+0x18d/0x250
[ 1756.166140]  __kernfs_create_file+0x51/0x350
[ 1756.166677]  sysfs_add_file_mode_ns+0x221/0x560
[ 1756.167263]  internal_create_group+0x324/0xb30
[ 1756.167823]  ? sysfs_remove_group+0x170/0x170
[ 1756.168367]  ? kernfs_add_one+0x124/0x4d0
[ 1756.168874]  ? kernfs_create_link+0x1b7/0x230
[ 1756.169427]  internal_create_groups.part.0+0x90/0x140
[ 1756.170056]  sysfs_create_groups+0x25/0x50
[ 1756.170571]  device_add+0x7a9/0x1c50
[ 1756.171042]  ? lockdep_init_map_type+0x2c7/0x780
[ 1756.171617]  ? devlink_add_symlinks+0x970/0x970
[ 1756.172189]  netdev_register_kobject+0x17a/0x3b0
[ 1756.172792]  register_netdevice+0xd6e/0x1480
[ 1756.173355]  ? netdev_change_features+0xb0/0xb0
[ 1756.173946]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1756.174502]  __tun_chr_ioctl+0x2156/0x3f60
[ 1756.175052]  ? lock_downgrade+0x6d0/0x6d0
[ 1756.175557]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1756.176140]  ? tun_chr_poll+0x700/0x700
[ 1756.176625]  ? wait_for_completion_io+0x270/0x270
[ 1756.177216]  ? selinux_file_ioctl+0xb6/0x270
[ 1756.177753]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1756.178299]  __x64_sys_ioctl+0x19a/0x210
[ 1756.178792]  do_syscall_64+0x33/0x40
[ 1756.179259]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1756.179879] RIP: 0033:0x7f7955930b19
[ 1756.180333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1756.182557] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1756.183814] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1756.185490] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1756.187238] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1756.188909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1756.190585] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1756.209449] FAULT_INJECTION: forcing a failure.
[ 1756.209449] name failslab, interval 1, probability 0, space 0, times 0
[ 1756.211102] CPU: 1 PID: 9382 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1756.211936] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1756.212944] Call Trace:
[ 1756.213266]  dump_stack+0x107/0x167
[ 1756.213709]  should_fail.cold+0x5/0xa
[ 1756.214175]  ? security_file_alloc+0x34/0x170
[ 1756.214723]  should_failslab+0x5/0x20
[ 1756.215217]  kmem_cache_alloc+0x5b/0x310
[ 1756.215716]  security_file_alloc+0x34/0x170
[ 1756.216243]  __alloc_file+0xb7/0x320
[ 1756.216694]  alloc_empty_file+0x6d/0x170
[ 1756.217187]  path_openat+0xe6/0x2770
[ 1756.217639]  ? __lock_acquire+0x1657/0x5b00
[ 1756.218168]  ? path_lookupat+0x860/0x860
[ 1756.218663]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1756.223324]  ? lock_acquire+0x197/0x470
[ 1756.223804]  ? find_held_lock+0x2c/0x110
[ 1756.224300]  do_filp_open+0x190/0x3e0
[ 1756.224758]  ? may_open_dev+0xf0/0xf0
[ 1756.225226]  ? alloc_fd+0x2e7/0x670
[ 1756.225666]  ? lock_downgrade+0x6d0/0x6d0
[ 1756.226168]  ? do_raw_spin_lock+0x121/0x260
[ 1756.226689]  ? rwlock_bug.part.0+0x90/0x90
[ 1756.227229]  ? _raw_spin_unlock+0x1a/0x30
[ 1756.227728]  ? alloc_fd+0x2e7/0x670
[ 1756.228174]  do_sys_openat2+0x171/0x4d0
[ 1756.228655]  ? build_open_flags+0x6f0/0x6f0
[ 1756.229176]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1756.229760]  ? wait_for_completion_io+0x270/0x270
[ 1756.230347]  __x64_sys_openat+0x13f/0x1f0
[ 1756.230847]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1756.231388]  ? ksys_write+0x1a9/0x260
[ 1756.231854]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1756.232488]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1756.233111]  do_syscall_64+0x33/0x40
[ 1756.233561]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1756.234180] RIP: 0033:0x7f7574521b19
[ 1756.234629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1756.236869] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1756.237785] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1756.238644] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1756.239532] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1756.240392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1756.241253] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
20:09:02 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000002)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r6, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r2, 0x0)

20:09:02 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 19)

20:09:02 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000002)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r6, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r2, 0x0)

20:09:02 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 36)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:09:02 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 34)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:09:02 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:09:02 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 73)

20:09:02 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 7)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1769.518608] FAULT_INJECTION: forcing a failure.
[ 1769.518608] name failslab, interval 1, probability 0, space 0, times 0
[ 1769.524719] CPU: 1 PID: 9401 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1769.525564] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1769.526597] Call Trace:
[ 1769.526941]  dump_stack+0x107/0x167
[ 1769.527421]  should_fail.cold+0x5/0xa
[ 1769.528138]  ? create_object.isra.0+0x3a/0xa20
[ 1769.528717]  should_failslab+0x5/0x20
[ 1769.529205]  kmem_cache_alloc+0x5b/0x310
[ 1769.529719]  ? percpu_ref_put_many.constprop.0+0x4e/0x110
[ 1769.530413]  create_object.isra.0+0x3a/0xa20
[ 1769.530969]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1769.531628]  kmem_cache_alloc+0x159/0x310
[ 1769.532162]  security_file_alloc+0x34/0x170
[ 1769.532711]  __alloc_file+0xb7/0x320
[ 1769.533184]  alloc_empty_file+0x6d/0x170
[ 1769.533702]  path_openat+0xe6/0x2770
[ 1769.534176]  ? __lock_acquire+0x1657/0x5b00
[ 1769.534732]  ? path_lookupat+0x860/0x860
[ 1769.535248]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1769.535920]  ? lock_acquire+0x197/0x470
[ 1769.536420]  ? find_held_lock+0x2c/0x110
[ 1769.536943]  do_filp_open+0x190/0x3e0
[ 1769.537420]  ? may_open_dev+0xf0/0xf0
[ 1769.537896]  ? alloc_fd+0x2e7/0x670
[ 1769.538358]  ? lock_downgrade+0x6d0/0x6d0
[ 1769.538882]  ? do_raw_spin_lock+0x121/0x260
[ 1769.539439]  ? rwlock_bug.part.0+0x90/0x90
[ 1769.539985]  ? _raw_spin_unlock+0x1a/0x30
[ 1769.540512]  ? alloc_fd+0x2e7/0x670
[ 1769.540982]  do_sys_openat2+0x171/0x4d0
[ 1769.541488]  ? build_open_flags+0x6f0/0x6f0
[ 1769.542034]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1769.542645]  ? wait_for_completion_io+0x270/0x270
[ 1769.543260]  __x64_sys_openat+0x13f/0x1f0
[ 1769.543805]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1769.544339]  ? ksys_write+0x1a9/0x260
[ 1769.544825]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1769.545467]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1769.546101]  do_syscall_64+0x33/0x40
[ 1769.546556]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1769.547189] RIP: 0033:0x7f7574521b19
[ 1769.547681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1769.549979] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1769.550935] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1769.559875] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1769.560738] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1769.561598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1769.562466] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1769.570332] FAULT_INJECTION: forcing a failure.
[ 1769.570332] name failslab, interval 1, probability 0, space 0, times 0
[ 1769.571835] CPU: 0 PID: 9403 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1769.572637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1769.573608] Call Trace:
[ 1769.573948]  dump_stack+0x107/0x167
[ 1769.574372]  should_fail.cold+0x5/0xa
[ 1769.574816]  ? kmemleak_scan_area+0xa6/0x360
[ 1769.575328]  should_failslab+0x5/0x20
[ 1769.575812]  kmem_cache_alloc+0x5b/0x310
[ 1769.576287]  kmemleak_scan_area+0xa6/0x360
[ 1769.576779]  alloc_vmap_area+0x171/0x1d10
[ 1769.577258]  ? kmem_cache_alloc_node_trace+0x16d/0x340
[ 1769.577870]  ? mark_held_locks+0x9e/0xe0
[ 1769.578345]  ? purge_vmap_area_lazy+0xc0/0xc0
[ 1769.578865]  ? kasan_unpoison_shadow+0x33/0x50
[ 1769.579417]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1769.580018]  __get_vm_area_node+0x127/0x340
[ 1769.580523]  __vmalloc_node_range+0x13f/0x9e0
[ 1769.581042]  ? n_tty_open+0x16/0x170
[ 1769.581473]  ? n_tty_open+0x16/0x170
[ 1769.581911]  ? __vmalloc_node+0x110/0x110
[ 1769.582393]  ? up_write+0x191/0x550
[ 1769.582817]  ? down_write_killable+0x180/0x180
[ 1769.583364]  ? n_tty_open+0x16/0x170
[ 1769.583832]  __vmalloc_node+0xb5/0x110
[ 1769.584281]  ? n_tty_open+0x16/0x170
[ 1769.584713]  n_tty_open+0x16/0x170
[ 1769.585122]  ? n_tty_set_termios+0x1010/0x1010
[ 1769.585646]  tty_ldisc_open+0xa2/0x120
[ 1769.586096]  tty_ldisc_setup+0x90/0x100
[ 1769.586555]  tty_init_dev.part.0+0x1fa/0x610
[ 1769.587065]  ? pty_open+0x310/0x310
[ 1769.587516]  tty_init_dev+0x5b/0x80
[ 1769.587938]  ptmx_open+0x116/0x370
[ 1769.588351]  ? pty_open+0x310/0x310
[ 1769.588772]  chrdev_open+0x268/0x6e0
[ 1769.589203]  ? __unregister_chrdev+0x110/0x110
[ 1769.589734]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1769.590279]  do_dentry_open+0x4b7/0x1090
[ 1769.590749]  ? __unregister_chrdev+0x110/0x110
[ 1769.591275]  ? may_open+0x1e4/0x400
[ 1769.591730]  path_openat+0x19ba/0x2770
[ 1769.592188]  ? path_lookupat+0x860/0x860
[ 1769.592658]  ? lock_acquire+0x197/0x470
[ 1769.593116]  ? find_held_lock+0x2c/0x110
[ 1769.593594]  do_filp_open+0x190/0x3e0
[ 1769.594031]  ? may_open_dev+0xf0/0xf0
[ 1769.594480]  ? do_raw_spin_lock+0x121/0x260
[ 1769.594980]  ? rwlock_bug.part.0+0x90/0x90
[ 1769.595520]  ? _raw_spin_unlock+0x1a/0x30
[ 1769.596000]  ? alloc_fd+0x2e7/0x670
[ 1769.596429]  do_sys_openat2+0x171/0x4d0
[ 1769.596890]  ? build_open_flags+0x6f0/0x6f0
[ 1769.597387]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1769.597946]  ? wait_for_completion_io+0x270/0x270
[ 1769.598507]  __x64_sys_openat+0x13f/0x1f0
[ 1769.598986]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1769.599508]  ? ksys_write+0x1a9/0x260
[ 1769.599956]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1769.600567]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1769.601165]  do_syscall_64+0x33/0x40
[ 1769.601611]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1769.602214] RIP: 0033:0x7f05ed26ab19
[ 1769.602645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1769.604852] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1769.605729] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1769.606550] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1769.607373] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1769.608228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1769.609049] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1769.626541] FAULT_INJECTION: forcing a failure.
[ 1769.626541] name failslab, interval 1, probability 0, space 0, times 0
[ 1769.628011] CPU: 0 PID: 9393 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1769.628845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1769.629862] Call Trace:
[ 1769.630191]  dump_stack+0x107/0x167
[ 1769.630640]  should_fail.cold+0x5/0xa
[ 1769.631107]  ? create_object.isra.0+0x3a/0xa20
[ 1769.631700]  should_failslab+0x5/0x20
[ 1769.632164]  kmem_cache_alloc+0x5b/0x310
[ 1769.632661]  create_object.isra.0+0x3a/0xa20
[ 1769.633194]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1769.633811]  kmem_cache_alloc+0x159/0x310
[ 1769.634320]  __kernfs_new_node+0xd4/0x860
[ 1769.634826]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1769.639431]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1769.639790] FAULT_INJECTION: forcing a failure.
[ 1769.639790] name failslab, interval 1, probability 0, space 0, times 0
[ 1769.640030]  ? wait_for_completion_io+0x270/0x270
[ 1769.640047]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1769.640066]  kernfs_new_node+0x18d/0x250
[ 1769.643260]  __kernfs_create_file+0x51/0x350
[ 1769.643835]  sysfs_add_file_mode_ns+0x221/0x560
[ 1769.644411]  internal_create_group+0x324/0xb30
[ 1769.644969]  ? sysfs_remove_group+0x170/0x170
[ 1769.645515]  ? kernfs_add_one+0x124/0x4d0
[ 1769.646020]  ? kernfs_create_link+0x1b7/0x230
[ 1769.646568]  internal_create_groups.part.0+0x90/0x140
[ 1769.647196]  sysfs_create_groups+0x25/0x50
[ 1769.647747]  device_add+0x7a9/0x1c50
[ 1769.648223]  ? lockdep_init_map_type+0x2c7/0x780
[ 1769.648797]  ? devlink_add_symlinks+0x970/0x970
[ 1769.649369]  netdev_register_kobject+0x17a/0x3b0
[ 1769.649947]  register_netdevice+0xd6e/0x1480
[ 1769.650484]  ? netdev_change_features+0xb0/0xb0
[ 1769.651049]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1769.651617]  __tun_chr_ioctl+0x2156/0x3f60
[ 1769.652135]  ? lock_downgrade+0x6d0/0x6d0
[ 1769.652638]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1769.653223]  ? tun_chr_poll+0x700/0x700
[ 1769.653706]  ? wait_for_completion_io+0x270/0x270
[ 1769.654300]  ? selinux_file_ioctl+0xb6/0x270
[ 1769.654836]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1769.655394]  __x64_sys_ioctl+0x19a/0x210
[ 1769.655911]  do_syscall_64+0x33/0x40
[ 1769.656365]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1769.656985] RIP: 0033:0x7f7955930b19
[ 1769.657439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1769.663696] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1769.664619] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1769.665483] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1769.666346] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1769.667208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1769.668109] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1769.671666] CPU: 1 PID: 9395 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1769.672586] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1769.673624] Call Trace:
[ 1769.673971]  dump_stack+0x107/0x167
[ 1769.674435]  should_fail.cold+0x5/0xa
[ 1769.674919]  should_failslab+0x5/0x20
[ 1769.675420]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1769.676009]  io_submit_sqes+0x6fe6/0x8610
[ 1769.676564]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1769.677197]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1769.677812]  ? lock_downgrade+0x6d0/0x6d0
[ 1769.678339]  ? find_held_lock+0x2c/0x110
[ 1769.678857]  ? io_submit_sqes+0x8610/0x8610
[ 1769.679434]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1769.680058]  ? wait_for_completion_io+0x270/0x270
[ 1769.680676]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1769.681263]  ? vfs_write+0x354/0xb10
[ 1769.681735]  ? fput_many+0x2f/0x1a0
[ 1769.682198]  ? ksys_write+0x1a9/0x260
[ 1769.682680]  ? __ia32_sys_read+0xb0/0xb0
[ 1769.683190]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1769.683859]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1769.684506]  do_syscall_64+0x33/0x40
[ 1769.684978]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1769.685621] RIP: 0033:0x7fb7d3ecdb19
[ 1769.686094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1769.692404] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1769.693356] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1769.694239] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1769.695127] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1769.696042] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1769.696934] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1769.697324] FAULT_INJECTION: forcing a failure.
[ 1769.697324] name failslab, interval 1, probability 0, space 0, times 0
[ 1769.699313] CPU: 0 PID: 9402 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1769.700179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1769.701184] Call Trace:
[ 1769.701505]  dump_stack+0x107/0x167
[ 1769.701947]  should_fail.cold+0x5/0xa
[ 1769.702412]  ? __kernfs_new_node+0xd4/0x860
[ 1769.702936]  should_failslab+0x5/0x20
[ 1769.703417]  kmem_cache_alloc+0x5b/0x310
[ 1769.703937]  __kernfs_new_node+0xd4/0x860
[ 1769.704439]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1769.705076]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1769.705655]  ? lock_acquire+0x197/0x470
[ 1769.706135]  ? find_held_lock+0x2c/0x110
[ 1769.706630]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1769.707216]  kernfs_new_node+0x18d/0x250
[ 1769.707750]  kernfs_create_link+0xcb/0x230
[ 1769.708266]  sysfs_do_create_link_sd+0x90/0x140
[ 1769.708830]  sysfs_create_link+0x5f/0xc0
[ 1769.709324]  device_add+0x703/0x1c50
[ 1769.709776]  ? lockdep_init_map_type+0x2c7/0x780
[ 1769.710349]  ? devlink_add_symlinks+0x970/0x970
[ 1769.710920]  netdev_register_kobject+0x17a/0x3b0
[ 1769.711535]  register_netdevice+0xd6e/0x1480
[ 1769.712078]  ? netdev_change_features+0xb0/0xb0
[ 1769.712643]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1769.713171]  __tun_chr_ioctl+0x2156/0x3f60
[ 1769.713685]  ? lock_downgrade+0x6d0/0x6d0
[ 1769.714187]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1769.714770]  ? tun_chr_poll+0x700/0x700
[ 1769.715254]  ? wait_for_completion_io+0x270/0x270
[ 1769.715875]  ? selinux_file_ioctl+0xb6/0x270
[ 1769.716413]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1769.716957]  __x64_sys_ioctl+0x19a/0x210
[ 1769.717450]  do_syscall_64+0x33/0x40
[ 1769.717900]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1769.718519] RIP: 0033:0x7fc68ced6b19
[ 1769.718970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1769.721224] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1769.722143] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1769.723005] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1769.723904] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1769.724768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1769.725630] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:09:03 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 8)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1769.769757] FAULT_INJECTION: forcing a failure.
[ 1769.769757] name failslab, interval 1, probability 0, space 0, times 0
[ 1769.771227] CPU: 0 PID: 9409 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1769.772144] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1769.773148] Call Trace:
[ 1769.773472]  dump_stack+0x107/0x167
[ 1769.773914]  should_fail.cold+0x5/0xa
[ 1769.774380]  ? tty_alloc_file+0x3d/0xa0
[ 1769.774864]  should_failslab+0x5/0x20
[ 1769.775327]  kmem_cache_alloc_trace+0x55/0x320
[ 1769.776752]  ? kobject_get_unless_zero+0x15a/0x1e0
[ 1769.778160]  ? pty_open+0x310/0x310
[ 1769.779170]  tty_alloc_file+0x3d/0xa0
[ 1769.779802]  ptmx_open+0x63/0x370
[ 1769.780228]  ? pty_open+0x310/0x310
[ 1769.780670]  chrdev_open+0x268/0x6e0
[ 1769.781123]  ? __unregister_chrdev+0x110/0x110
[ 1769.781683]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1769.782256]  do_dentry_open+0x4b7/0x1090
[ 1769.782750]  ? __unregister_chrdev+0x110/0x110
[ 1769.783303]  ? may_open+0x1e4/0x400
[ 1769.783810]  path_openat+0x19ba/0x2770
[ 1769.784315]  ? path_lookupat+0x860/0x860
[ 1769.784812]  ? lock_acquire+0x197/0x470
[ 1769.785298]  ? find_held_lock+0x2c/0x110
[ 1769.785909]  do_filp_open+0x190/0x3e0
[ 1769.786370]  ? may_open_dev+0xf0/0xf0
[ 1769.787053]  ? do_raw_spin_lock+0x121/0x260
[ 1769.787639]  ? rwlock_bug.part.0+0x90/0x90
[ 1769.788159]  ? _raw_spin_unlock+0x1a/0x30
[ 1769.788663]  ? alloc_fd+0x2e7/0x670
[ 1769.789112]  do_sys_openat2+0x171/0x4d0
[ 1769.789597]  ? build_open_flags+0x6f0/0x6f0
[ 1769.790120]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1769.790707]  ? wait_for_completion_io+0x270/0x270
[ 1769.791296]  __x64_sys_openat+0x13f/0x1f0
[ 1769.791863]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1769.792377]  ? ksys_write+0x1a9/0x260
[ 1769.792844]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1769.793478]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1769.794103]  do_syscall_64+0x33/0x40
[ 1769.794555]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1769.795176] RIP: 0033:0x7f7574521b19
[ 1769.795681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1769.797961] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1769.798882] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1769.799785] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1769.800649] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1769.801509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1769.802371] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
20:09:03 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 37)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:09:03 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 74)

20:09:03 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 35)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:09:03 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
r2 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x9, 0x2, 0x0, 0x0, r1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r2, 0x8000000)
syz_io_uring_submit(r6, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r5, 0x0, 0x0}, 0x80000001)
io_uring_enter(r2, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1769.905520] FAULT_INJECTION: forcing a failure.
[ 1769.905520] name failslab, interval 1, probability 0, space 0, times 0
[ 1769.907076] CPU: 1 PID: 9415 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1769.911969] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1769.913009] Call Trace:
[ 1769.913354]  dump_stack+0x107/0x167
[ 1769.913810]  should_fail.cold+0x5/0xa
[ 1769.914301]  ? create_object.isra.0+0x3a/0xa20
[ 1769.914880]  should_failslab+0x5/0x20
20:09:03 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 20)

[ 1769.915364]  kmem_cache_alloc+0x5b/0x310
[ 1769.923477]  create_object.isra.0+0x3a/0xa20
[ 1769.924035]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1769.924681]  __kmalloc_node+0x1ae/0x420
[ 1769.925192]  __vmalloc_node_range+0x7a2/0x9e0
[ 1769.925766]  ? __vmalloc_node+0x110/0x110
[ 1769.926297]  ? up_write+0x191/0x550
[ 1769.926759]  ? down_write_killable+0x180/0x180
[ 1769.927343]  ? n_tty_open+0x16/0x170
[ 1769.927832]  __vmalloc_node+0xb5/0x110
[ 1769.927850] FAULT_INJECTION: forcing a failure.
[ 1769.927850] name failslab, interval 1, probability 0, space 0, times 0
[ 1769.929700]  ? n_tty_open+0x16/0x170
[ 1769.930177]  n_tty_open+0x16/0x170
[ 1769.930625]  ? n_tty_set_termios+0x1010/0x1010
[ 1769.931202]  tty_ldisc_open+0xa2/0x120
[ 1769.931710]  tty_ldisc_setup+0x90/0x100
[ 1769.932213]  tty_init_dev.part.0+0x1fa/0x610
[ 1769.932761]  ? pty_open+0x310/0x310
[ 1769.933220]  tty_init_dev+0x5b/0x80
[ 1769.933679]  ptmx_open+0x116/0x370
[ 1769.934137]  ? pty_open+0x310/0x310
[ 1769.934599]  chrdev_open+0x268/0x6e0
[ 1769.935075]  ? __unregister_chrdev+0x110/0x110
[ 1769.935671]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1769.936278]  do_dentry_open+0x4b7/0x1090
[ 1769.936796]  ? __unregister_chrdev+0x110/0x110
[ 1769.937377]  ? may_open+0x1e4/0x400
[ 1769.937844]  path_openat+0x19ba/0x2770
[ 1769.938352]  ? path_lookupat+0x860/0x860
[ 1769.938869]  ? lock_acquire+0x197/0x470
[ 1769.939374]  ? find_held_lock+0x2c/0x110
[ 1769.939912]  do_filp_open+0x190/0x3e0
[ 1769.940388]  ? may_open_dev+0xf0/0xf0
[ 1769.940880]  ? do_raw_spin_lock+0x121/0x260
[ 1769.941432]  ? rwlock_bug.part.0+0x90/0x90
[ 1769.941978]  ? _raw_spin_unlock+0x1a/0x30
[ 1769.942508]  ? alloc_fd+0x2e7/0x670
[ 1769.942979]  do_sys_openat2+0x171/0x4d0
[ 1769.947518]  ? build_open_flags+0x6f0/0x6f0
[ 1769.948063]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1769.948677]  ? wait_for_completion_io+0x270/0x270
[ 1769.949287]  __x64_sys_openat+0x13f/0x1f0
[ 1769.949804]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1769.950339]  ? ksys_write+0x1a9/0x260
[ 1769.950829]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1769.951505]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1769.952165]  do_syscall_64+0x33/0x40
[ 1769.952633]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1769.953282] RIP: 0033:0x7f05ed26ab19
[ 1769.953759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1769.956077] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1769.957038] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1769.957929] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1769.958826] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1769.959731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1769.960630] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
[ 1769.961551] CPU: 0 PID: 9418 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1769.962421] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1769.963502] Call Trace:
[ 1769.963833]  dump_stack+0x107/0x167
[ 1769.964277]  should_fail.cold+0x5/0xa
[ 1769.964744]  ? __kernfs_new_node+0xd4/0x860
[ 1769.965269]  should_failslab+0x5/0x20
[ 1769.965731]  kmem_cache_alloc+0x5b/0x310
[ 1769.966228]  __kernfs_new_node+0xd4/0x860
[ 1769.966734]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1769.967321]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1769.967940]  ? wait_for_completion_io+0x270/0x270
[ 1769.968554]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1769.969191]  kernfs_new_node+0x18d/0x250
[ 1769.969687]  __kernfs_create_file+0x51/0x350
[ 1769.970221]  sysfs_add_file_mode_ns+0x221/0x560
[ 1769.970789]  internal_create_group+0x324/0xb30
[ 1769.971346]  ? sysfs_remove_group+0x170/0x170
[ 1769.971918]  ? kernfs_add_one+0x124/0x4d0
[ 1769.972450]  ? kernfs_create_link+0x1b7/0x230
[ 1769.973021]  internal_create_groups.part.0+0x90/0x140
[ 1769.973673]  sysfs_create_groups+0x25/0x50
[ 1769.974187]  device_add+0x7a9/0x1c50
[ 1769.974644]  ? lockdep_init_map_type+0x2c7/0x780
[ 1769.975217]  ? devlink_add_symlinks+0x970/0x970
[ 1769.975837]  netdev_register_kobject+0x17a/0x3b0
[ 1769.976417]  register_netdevice+0xd6e/0x1480
[ 1769.976953]  ? netdev_change_features+0xb0/0xb0
[ 1769.977520]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1769.978049]  __tun_chr_ioctl+0x2156/0x3f60
[ 1769.978563]  ? lock_downgrade+0x6d0/0x6d0
[ 1769.979065]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1769.979686]  ? tun_chr_poll+0x700/0x700
[ 1769.980170]  ? wait_for_completion_io+0x270/0x270
[ 1769.980760]  ? selinux_file_ioctl+0xb6/0x270
[ 1769.981296]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1769.981841]  __x64_sys_ioctl+0x19a/0x210
[ 1769.982335]  do_syscall_64+0x33/0x40
[ 1769.982786]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1769.983421] RIP: 0033:0x7f7955930b19
[ 1769.983979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1769.986289] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1769.987251] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1769.988209] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1769.989075] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1769.989936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1769.990799] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1770.034802] FAULT_INJECTION: forcing a failure.
[ 1770.034802] name failslab, interval 1, probability 0, space 0, times 0
[ 1770.036417] CPU: 0 PID: 9426 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1770.037289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1770.038333] Call Trace:
[ 1770.038659]  dump_stack+0x107/0x167
[ 1770.039102]  should_fail.cold+0x5/0xa
[ 1770.039605]  ? create_object.isra.0+0x3a/0xa20
[ 1770.040165]  should_failslab+0x5/0x20
[ 1770.040631]  kmem_cache_alloc+0x5b/0x310
[ 1770.041130]  create_object.isra.0+0x3a/0xa20
[ 1770.041666]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1770.042287]  kmem_cache_alloc_bulk+0x168/0x320
[ 1770.042850]  io_submit_sqes+0x6fe6/0x8610
[ 1770.043373]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1770.044022]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1770.044614]  ? lock_downgrade+0x6d0/0x6d0
[ 1770.045117]  ? find_held_lock+0x2c/0x110
[ 1770.045615]  ? io_submit_sqes+0x8610/0x8610
[ 1770.046146]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1770.046737]  ? wait_for_completion_io+0x270/0x270
[ 1770.047327]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1770.047931]  ? vfs_write+0x354/0xb10
[ 1770.048387]  ? fput_many+0x2f/0x1a0
[ 1770.048832]  ? ksys_write+0x1a9/0x260
[ 1770.049297]  ? __ia32_sys_read+0xb0/0xb0
[ 1770.049794]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1770.050434]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1770.051063]  do_syscall_64+0x33/0x40
[ 1770.051558]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1770.052193] RIP: 0033:0x7fb7d3ecdb19
[ 1770.052659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1770.054956] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1770.055948] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1770.056817] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1770.057852] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1770.058714] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1770.059620] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
20:09:03 executing program 1:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
clone3(&(0x7f0000000600)={0x2000, &(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000400)=<r6=>0x0, {0x40}, &(0x7f0000000500)=""/181, 0xb5, &(0x7f0000000440)=""/12, &(0x7f00000005c0)=[0xffffffffffffffff, 0x0], 0x2}, 0x58)
perf_event_open(&(0x7f0000000200)={0x4, 0x80, 0x7c, 0x8e, 0x3f, 0x76, 0x0, 0x1000, 0x48, 0x6, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x101, 0x2, @perf_config_ext={0xb87a, 0x1f}, 0x2, 0x401, 0x0, 0x7, 0x1ff, 0x1, 0x1ff, 0x0, 0x400, 0x0, 0x8}, r6, 0x4, 0xffffffffffffffff, 0x2)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
io_uring_enter(r5, 0x316, 0x917b, 0x1, &(0x7f0000000140)={[0x5]}, 0x8)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, 0xfffffffffffffffd, 0x7)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
r9 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000680)='/proc/self/attr/sockcreate\x00', 0x2, 0x0)
fcntl$setlease(r9, 0x400, 0x2)
syz_io_uring_submit(r8, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r7, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)
sendfile(r1, r0, &(0x7f0000000100)=0xcd0, 0x2)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000000000))
openat(0xffffffffffffffff, &(0x7f00000006c0)='./file0\x00', 0x200100, 0x0)

20:09:03 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 21)

[ 1770.200804] FAULT_INJECTION: forcing a failure.
[ 1770.200804] name failslab, interval 1, probability 0, space 0, times 0
[ 1770.202283] CPU: 0 PID: 9419 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1770.203115] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1770.204163] Call Trace:
[ 1770.204494]  dump_stack+0x107/0x167
[ 1770.204939]  should_fail.cold+0x5/0xa
[ 1770.205408]  ? create_object.isra.0+0x3a/0xa20
[ 1770.205967]  should_failslab+0x5/0x20
[ 1770.206435]  kmem_cache_alloc+0x5b/0x310
[ 1770.206932]  ? mutex_lock_io_nested+0xf30/0xf30
[ 1770.207542]  create_object.isra.0+0x3a/0xa20
[ 1770.208080]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1770.208702]  kmem_cache_alloc+0x159/0x310
[ 1770.209216]  __kernfs_new_node+0xd4/0x860
[ 1770.209722]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1770.210364]  ? kernfs_add_one+0x124/0x4d0
[ 1770.211039]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1770.211758]  ? lock_acquire+0x197/0x470
[ 1770.212423]  ? find_held_lock+0x2c/0x110
[ 1770.212921]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1770.213510]  kernfs_new_node+0x18d/0x250
[ 1770.214007]  kernfs_create_link+0xcb/0x230
[ 1770.214523]  sysfs_do_create_link_sd+0x90/0x140
[ 1770.215089]  sysfs_create_link+0x5f/0xc0
[ 1770.215625]  device_add+0x5e1/0x1c50
[ 1770.216083]  ? lockdep_init_map_type+0x2c7/0x780
[ 1770.216660]  ? devlink_add_symlinks+0x970/0x970
[ 1770.217251]  netdev_register_kobject+0x17a/0x3b0
[ 1770.217832]  register_netdevice+0xd6e/0x1480
[ 1770.218372]  ? netdev_change_features+0xb0/0xb0
[ 1770.218940]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1770.223524]  __tun_chr_ioctl+0x2156/0x3f60
[ 1770.224042]  ? lock_downgrade+0x6d0/0x6d0
[ 1770.224548]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1770.225134]  ? tun_chr_poll+0x700/0x700
[ 1770.225617]  ? wait_for_completion_io+0x270/0x270
[ 1770.226209]  ? selinux_file_ioctl+0xb6/0x270
[ 1770.226745]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1770.227292]  __x64_sys_ioctl+0x19a/0x210
[ 1770.227824]  do_syscall_64+0x33/0x40
[ 1770.228280]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1770.228902] RIP: 0033:0x7fc68ced6b19
[ 1770.229357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1770.231617] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1770.232542] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1770.233409] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1770.234309] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1770.235211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1770.236118] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1770.252396] FAULT_INJECTION: forcing a failure.
[ 1770.252396] name failslab, interval 1, probability 0, space 0, times 0
[ 1770.253809] CPU: 0 PID: 9433 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1770.254637] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1770.255699] Call Trace:
[ 1770.256022]  dump_stack+0x107/0x167
[ 1770.256469]  should_fail.cold+0x5/0xa
[ 1770.256941]  ? create_object.isra.0+0x3a/0xa20
[ 1770.257499]  should_failslab+0x5/0x20
[ 1770.257962]  kmem_cache_alloc+0x5b/0x310
[ 1770.258458]  ? mark_held_locks+0x9e/0xe0
[ 1770.258954]  create_object.isra.0+0x3a/0xa20
[ 1770.259531]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1770.260153]  kmem_cache_alloc_bulk+0x168/0x320
[ 1770.260715]  io_submit_sqes+0x6fe6/0x8610
[ 1770.261239]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1770.261852]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1770.262441]  ? lock_downgrade+0x6d0/0x6d0
[ 1770.262943]  ? find_held_lock+0x2c/0x110
[ 1770.263465]  ? io_submit_sqes+0x8610/0x8610
[ 1770.264003]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1770.264594]  ? wait_for_completion_io+0x270/0x270
[ 1770.265183]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1770.265975]  ? vfs_write+0x354/0xb10
[ 1770.266429]  ? fput_many+0x2f/0x1a0
[ 1770.266872]  ? ksys_write+0x1a9/0x260
[ 1770.267335]  ? __ia32_sys_read+0xb0/0xb0
[ 1770.267854]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1770.268492]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1770.269123]  do_syscall_64+0x33/0x40
[ 1770.269576]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1770.270198] RIP: 0033:0x7fb7d3ecdb19
[ 1770.270651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1770.272909] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1770.273834] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1770.274700] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1770.275771] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1770.276502] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1770.277238] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1784.010323] FAULT_INJECTION: forcing a failure.
[ 1784.010323] name failslab, interval 1, probability 0, space 0, times 0
[ 1784.011955] CPU: 1 PID: 9443 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1784.012817] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1784.013866] Call Trace:
[ 1784.014238]  dump_stack+0x107/0x167
[ 1784.014701]  should_fail.cold+0x5/0xa
[ 1784.015187]  ? create_object.isra.0+0x3a/0xa20
[ 1784.015768]  should_failslab+0x5/0x20
[ 1784.016274]  kmem_cache_alloc+0x5b/0x310
[ 1784.016793]  create_object.isra.0+0x3a/0xa20
[ 1784.017348]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1784.017993]  kmem_cache_alloc_trace+0x151/0x320
[ 1784.018635]  ? pty_open+0x310/0x310
20:09:17 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000002)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r6, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r2, 0x0)

20:09:17 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 75)

20:09:17 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 38)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:09:17 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 9)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1784.019131]  tty_alloc_file+0x3d/0xa0
[ 1784.024272]  ptmx_open+0x63/0x370
[ 1784.024713]  ? pty_open+0x310/0x310
[ 1784.025177]  chrdev_open+0x268/0x6e0
[ 1784.025650]  ? __unregister_chrdev+0x110/0x110
[ 1784.026238]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1784.026840]  do_dentry_open+0x4b7/0x1090
[ 1784.027390]  ? __unregister_chrdev+0x110/0x110
[ 1784.027976]  ? may_open+0x1e4/0x400
[ 1784.028446]  path_openat+0x19ba/0x2770
[ 1784.028947]  ? path_lookupat+0x860/0x860
[ 1784.029105] FAULT_INJECTION: forcing a failure.
[ 1784.029105] name failslab, interval 1, probability 0, space 0, times 0
[ 1784.029465]  ? lock_acquire+0x197/0x470
[ 1784.029486]  ? find_held_lock+0x2c/0x110
[ 1784.036026]  do_filp_open+0x190/0x3e0
[ 1784.036506]  ? may_open_dev+0xf0/0xf0
[ 1784.036998]  ? do_raw_spin_lock+0x121/0x260
[ 1784.037547]  ? rwlock_bug.part.0+0x90/0x90
[ 1784.038099]  ? _raw_spin_unlock+0x1a/0x30
[ 1784.038660]  ? alloc_fd+0x2e7/0x670
[ 1784.039156]  do_sys_openat2+0x171/0x4d0
[ 1784.039661]  ? build_open_flags+0x6f0/0x6f0
[ 1784.040233]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1784.040844]  ? wait_for_completion_io+0x270/0x270
[ 1784.041461]  __x64_sys_openat+0x13f/0x1f0
[ 1784.041985]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1784.042569]  ? ksys_write+0x1a9/0x260
[ 1784.043064]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1784.043727]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1784.044393]  do_syscall_64+0x33/0x40
[ 1784.044867]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1784.045514] RIP: 0033:0x7f7574521b19
[ 1784.045986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1784.048301] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1784.049224] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1784.050084] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1784.050998] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1784.051931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1784.052862] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1784.053790] CPU: 0 PID: 9442 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1784.054717] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1784.055797] Call Trace:
[ 1784.056191]  dump_stack+0x107/0x167
[ 1784.056695]  should_fail.cold+0x5/0xa
[ 1784.057229]  ? create_object.isra.0+0x3a/0xa20
[ 1784.057825]  should_failslab+0x5/0x20
[ 1784.058324]  kmem_cache_alloc+0x5b/0x310
[ 1784.058857]  create_object.isra.0+0x3a/0xa20
[ 1784.059429]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1784.064128]  kmem_cache_alloc+0x159/0x310
[ 1784.064717]  __kernfs_new_node+0xd4/0x860
[ 1784.065291]  ? mark_held_locks+0x9e/0xe0
[ 1784.065820]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1784.066442]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1784.067068]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1784.067773]  ? wait_for_completion_io+0x270/0x270
[ 1784.068471]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1784.069184]  kernfs_new_node+0x18d/0x250
[ 1784.069716]  __kernfs_create_file+0x51/0x350
[ 1784.070294]  sysfs_add_file_mode_ns+0x221/0x560
[ 1784.070907]  internal_create_group+0x324/0xb30
[ 1784.071511]  ? sysfs_remove_group+0x170/0x170
[ 1784.072113]  ? kernfs_add_one+0x124/0x4d0
[ 1784.072655]  ? kernfs_create_link+0x1b7/0x230
[ 1784.073278]  internal_create_groups.part.0+0x90/0x140
[ 1784.073963]  sysfs_create_groups+0x25/0x50
[ 1784.074547]  device_add+0x7a9/0x1c50
[ 1784.075038]  ? lockdep_init_map_type+0x2c7/0x780
[ 1784.075657]  ? devlink_add_symlinks+0x970/0x970
[ 1784.076291]  netdev_register_kobject+0x17a/0x3b0
[ 1784.076912]  register_netdevice+0xd6e/0x1480
[ 1784.077538]  ? netdev_change_features+0xb0/0xb0
[ 1784.078180]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1784.078761]  __tun_chr_ioctl+0x2156/0x3f60
[ 1784.079318]  ? lock_downgrade+0x6d0/0x6d0
[ 1784.079862]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1784.080512]  ? tun_chr_poll+0x700/0x700
[ 1784.081034]  ? wait_for_completion_io+0x270/0x270
[ 1784.081677]  ? selinux_file_ioctl+0xb6/0x270
[ 1784.082261]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1784.082456] FAULT_INJECTION: forcing a failure.
[ 1784.082456] name failslab, interval 1, probability 0, space 0, times 0
[ 1784.082856]  __x64_sys_ioctl+0x19a/0x210
[ 1784.082876]  do_syscall_64+0x33/0x40
[ 1784.088916]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1784.089585] RIP: 0033:0x7f7955930b19
[ 1784.090073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1784.092527] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1784.093512] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1784.094434] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1784.095354] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1784.096286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1784.097208] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1784.098156] CPU: 1 PID: 9449 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1784.099034] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1784.104149] Call Trace:
[ 1784.104496]  dump_stack+0x107/0x167
[ 1784.104958]  should_fail.cold+0x5/0xa
[ 1784.105441]  ? create_object.isra.0+0x3a/0xa20
[ 1784.106012]  should_failslab+0x5/0x20
[ 1784.106484]  kmem_cache_alloc+0x5b/0x310
[ 1784.106999]  ? mark_held_locks+0x9e/0xe0
[ 1784.107555]  create_object.isra.0+0x3a/0xa20
[ 1784.108132]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1784.108780]  kmem_cache_alloc_bulk+0x168/0x320
[ 1784.109364]  io_submit_sqes+0x6fe6/0x8610
[ 1784.109913]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1784.110534]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1784.111152]  ? lock_downgrade+0x6d0/0x6d0
[ 1784.111663]  ? find_held_lock+0x2c/0x110
[ 1784.112185]  ? io_submit_sqes+0x8610/0x8610
[ 1784.112785]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1784.113428]  ? wait_for_completion_io+0x270/0x270
[ 1784.114041]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1784.114628]  ? vfs_write+0x354/0xb10
[ 1784.115096]  ? fput_many+0x2f/0x1a0
[ 1784.115556]  ? ksys_write+0x1a9/0x260
[ 1784.116054]  ? __ia32_sys_read+0xb0/0xb0
[ 1784.116619]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1784.117305]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1784.117956]  do_syscall_64+0x33/0x40
[ 1784.118426]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1784.119067] RIP: 0033:0x7fb7d3ecdb19
[ 1784.119530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1784.125883] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1784.126853] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1784.127741] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1784.128653] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1784.129580] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1784.130490] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1784.138390] FAULT_INJECTION: forcing a failure.
[ 1784.138390] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1784.140089] CPU: 1 PID: 9445 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1784.141056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1784.142124] Call Trace:
[ 1784.142460]  dump_stack+0x107/0x167
[ 1784.142943]  should_fail.cold+0x5/0xa
[ 1784.143477]  __alloc_pages_nodemask+0x182/0x600
[ 1784.144120]  ? __kmalloc_node+0x1ae/0x420
[ 1784.144653]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1784.145421]  ? mark_held_locks+0x9e/0xe0
[ 1784.145958]  ? trace_hardirqs_on+0x5b/0x180
[ 1784.146511]  alloc_pages_current+0x187/0x280
[ 1784.147097]  __vmalloc_node_range+0x60a/0x9e0
[ 1784.147724]  ? __vmalloc_node+0x110/0x110
[ 1784.148363]  ? up_write+0x191/0x550
[ 1784.148838]  ? down_write_killable+0x180/0x180
[ 1784.149416]  ? n_tty_open+0x16/0x170
[ 1784.149915]  __vmalloc_node+0xb5/0x110
[ 1784.150410]  ? n_tty_open+0x16/0x170
[ 1784.150945]  n_tty_open+0x16/0x170
[ 1784.151461]  ? n_tty_set_termios+0x1010/0x1010
[ 1784.152150]  tty_ldisc_open+0xa2/0x120
[ 1784.152766]  tty_ldisc_setup+0x90/0x100
[ 1784.153367]  tty_init_dev.part.0+0x1fa/0x610
[ 1784.154011]  ? pty_open+0x310/0x310
[ 1784.154536]  tty_init_dev+0x5b/0x80
[ 1784.155067]  ptmx_open+0x116/0x370
[ 1784.155584]  ? pty_open+0x310/0x310
[ 1784.156124]  chrdev_open+0x268/0x6e0
[ 1784.156705]  ? __unregister_chrdev+0x110/0x110
[ 1784.157386]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1784.158064]  do_dentry_open+0x4b7/0x1090
[ 1784.158653]  ? __unregister_chrdev+0x110/0x110
[ 1784.159306]  ? may_open+0x1e4/0x400
[ 1784.159838]  path_openat+0x19ba/0x2770
[ 1784.160442]  ? path_lookupat+0x860/0x860
[ 1784.161046]  ? lock_acquire+0x197/0x470
[ 1784.161653]  ? find_held_lock+0x2c/0x110
[ 1784.162184]  do_filp_open+0x190/0x3e0
[ 1784.162669]  ? may_open_dev+0xf0/0xf0
[ 1784.163165]  ? do_raw_spin_lock+0x121/0x260
[ 1784.163724]  ? rwlock_bug.part.0+0x90/0x90
[ 1784.164279]  ? _raw_spin_unlock+0x1a/0x30
[ 1784.164854]  ? alloc_fd+0x2e7/0x670
[ 1784.165356]  do_sys_openat2+0x171/0x4d0
[ 1784.165876]  ? build_open_flags+0x6f0/0x6f0
[ 1784.166429]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1784.167050]  ? wait_for_completion_io+0x270/0x270
[ 1784.167670]  __x64_sys_openat+0x13f/0x1f0
[ 1784.168259]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1784.168873]  ? ksys_write+0x1a9/0x260
[ 1784.169479]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1784.170261]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1784.170974]  do_syscall_64+0x33/0x40
[ 1784.171452]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1784.172123] RIP: 0033:0x7f05ed26ab19
[ 1784.172597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1784.174984] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1784.175997] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1784.176916] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1784.177826] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1784.178783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1784.179715] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
20:09:17 executing program 1:
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/../file0\x00', 0x34c40, 0x140)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})

20:09:17 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 22)

20:09:17 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 36)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:09:17 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

[ 1784.229294] FAULT_INJECTION: forcing a failure.
[ 1784.229294] name failslab, interval 1, probability 0, space 0, times 0
[ 1784.231089] CPU: 0 PID: 9456 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1784.232084] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1784.233173] Call Trace:
[ 1784.233525]  dump_stack+0x107/0x167
[ 1784.234019]  should_fail.cold+0x5/0xa
[ 1784.234521]  ? __kernfs_new_node+0xd4/0x860
[ 1784.235096]  should_failslab+0x5/0x20
[ 1784.235633]  kmem_cache_alloc+0x5b/0x310
[ 1784.236232]  __kernfs_new_node+0xd4/0x860
[ 1784.236812]  ? kernfs_activate+0x2c/0x1d0
[ 1784.237357]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1784.237982]  ? lock_release+0x680/0x680
[ 1784.238506]  ? find_held_lock+0x2c/0x110
[ 1784.239047]  kernfs_new_node+0x18d/0x250
[ 1784.239618]  __kernfs_create_file+0x51/0x350
[ 1784.240207]  sysfs_add_file_mode_ns+0x221/0x560
[ 1784.240813]  internal_create_group+0x324/0xb30
[ 1784.241373]  ? sysfs_remove_group+0x170/0x170
[ 1784.241916]  ? kernfs_add_one+0x124/0x4d0
[ 1784.242426]  ? kernfs_create_link+0x1b7/0x230
[ 1784.242976]  internal_create_groups.part.0+0x90/0x140
[ 1784.243606]  sysfs_create_groups+0x25/0x50
[ 1784.244159]  device_add+0x7a9/0x1c50
[ 1784.244694]  ? lockdep_init_map_type+0x2c7/0x780
[ 1784.245311]  ? devlink_add_symlinks+0x970/0x970
[ 1784.245958]  netdev_register_kobject+0x17a/0x3b0
[ 1784.246572]  register_netdevice+0xd6e/0x1480
[ 1784.247146]  ? netdev_change_features+0xb0/0xb0
[ 1784.247754]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1784.248343]  __tun_chr_ioctl+0x2156/0x3f60
[ 1784.248898]  ? lock_downgrade+0x6d0/0x6d0
[ 1784.249454]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1784.250083]  ? tun_chr_poll+0x700/0x700
[ 1784.250601]  ? wait_for_completion_io+0x270/0x270
[ 1784.251232]  ? selinux_file_ioctl+0xb6/0x270
[ 1784.251814]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1784.252411]  __x64_sys_ioctl+0x19a/0x210
[ 1784.252934]  do_syscall_64+0x33/0x40
[ 1784.253417]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1784.254122] RIP: 0033:0x7fc68ced6b19
[ 1784.254631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1784.256984] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1784.258003] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1784.258932] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1784.259841] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1784.260775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1784.261735] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:09:17 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2, 0x20010, r5, 0x8000000)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r6, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:09:17 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 23)

20:09:17 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 76)

[ 1784.373412] ptm ptm0: ldisc open failed (-12), clearing slot 0
20:09:17 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 37)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1784.415443] FAULT_INJECTION: forcing a failure.
[ 1784.415443] name failslab, interval 1, probability 0, space 0, times 0
[ 1784.417087] CPU: 0 PID: 9464 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1784.417917] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1784.418967] Call Trace:
[ 1784.419305]  dump_stack+0x107/0x167
[ 1784.419768]  should_fail.cold+0x5/0xa
[ 1784.420263]  ? create_object.isra.0+0x3a/0xa20
[ 1784.420821]  should_failslab+0x5/0x20
[ 1784.421287]  kmem_cache_alloc+0x5b/0x310
[ 1784.421805]  ? mark_held_locks+0x9e/0xe0
[ 1784.422327]  create_object.isra.0+0x3a/0xa20
[ 1784.422912]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1784.423584]  kmem_cache_alloc_bulk+0x168/0x320
[ 1784.435593]  io_submit_sqes+0x6fe6/0x8610
[ 1784.436131]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1784.436736]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1784.437371]  ? lock_downgrade+0x6d0/0x6d0
[ 1784.437906]  ? find_held_lock+0x2c/0x110
[ 1784.438402]  ? io_submit_sqes+0x8610/0x8610
[ 1784.438932]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1784.439519]  ? wait_for_completion_io+0x270/0x270
[ 1784.440129]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1784.440691]  ? vfs_write+0x354/0xb10
[ 1784.441149]  ? fput_many+0x2f/0x1a0
[ 1784.441592]  ? ksys_write+0x1a9/0x260
[ 1784.442101]  ? __ia32_sys_read+0xb0/0xb0
[ 1784.442601]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1784.443266]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1784.443898]  do_syscall_64+0x33/0x40
[ 1784.444364]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1784.444986] RIP: 0033:0x7fb7d3ecdb19
[ 1784.445439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1784.447743] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1784.464746] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1784.465641] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1784.466506] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1784.467369] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1784.468256] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1784.519258] FAULT_INJECTION: forcing a failure.
[ 1784.519258] name failslab, interval 1, probability 0, space 0, times 0
[ 1784.520806] CPU: 1 PID: 9467 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1784.521638] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1784.522638] Call Trace:
[ 1784.522967]  dump_stack+0x107/0x167
[ 1784.523454]  should_fail.cold+0x5/0xa
20:09:17 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 39)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:09:17 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 10)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1784.523960]  ? create_object.isra.0+0x3a/0xa20
[ 1784.524734]  should_failslab+0x5/0x20
[ 1784.525238]  kmem_cache_alloc+0x5b/0x310
[ 1784.525756]  create_object.isra.0+0x3a/0xa20
[ 1784.526321]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1784.526972]  __kmalloc_track_caller+0x177/0x370
[ 1784.527572]  ? kstrdup_const+0x53/0x80
[ 1784.528108]  kstrdup+0x36/0x70
[ 1784.528521]  kstrdup_const+0x53/0x80
[ 1784.529016]  __kernfs_new_node+0x9d/0x860
[ 1784.529542]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1784.530247]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1784.530856]  ? lock_acquire+0x197/0x470
[ 1784.531388]  ? find_held_lock+0x2c/0x110
[ 1784.531915]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1784.532539]  kernfs_new_node+0x18d/0x250
[ 1784.533071]  kernfs_create_link+0xcb/0x230
[ 1784.533607]  sysfs_do_create_link_sd+0x90/0x140
[ 1784.534194]  sysfs_create_link+0x5f/0xc0
[ 1784.534709]  device_add+0x703/0x1c50
[ 1784.535212]  ? lockdep_init_map_type+0x2c7/0x780
[ 1784.535814]  ? devlink_add_symlinks+0x970/0x970
[ 1784.536459]  netdev_register_kobject+0x17a/0x3b0
[ 1784.537067]  register_netdevice+0xd6e/0x1480
[ 1784.537631]  ? netdev_change_features+0xb0/0xb0
[ 1784.538224]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1784.538786]  __tun_chr_ioctl+0x2156/0x3f60
[ 1784.539369]  ? lock_downgrade+0x6d0/0x6d0
[ 1784.539900]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1784.540559]  ? tun_chr_poll+0x700/0x700
[ 1784.541063]  ? wait_for_completion_io+0x270/0x270
[ 1784.541679]  ? selinux_file_ioctl+0xb6/0x270
[ 1784.542238]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1784.542807]  __x64_sys_ioctl+0x19a/0x210
[ 1784.543322]  do_syscall_64+0x33/0x40
[ 1784.543793]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1784.544460] RIP: 0033:0x7fc68ced6b19
[ 1784.544916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1784.547137] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1784.548385] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1784.549313] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1784.550206] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1784.551100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1784.552011] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1784.570322] FAULT_INJECTION: forcing a failure.
[ 1784.570322] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1784.576142] CPU: 1 PID: 9470 Comm: syz-executor.5 Not tainted 5.10.226 #1
[ 1784.577011] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1784.578121] Call Trace:
[ 1784.578464]  dump_stack+0x107/0x167
[ 1784.578929]  should_fail.cold+0x5/0xa
[ 1784.579419]  __alloc_pages_nodemask+0x182/0x600
[ 1784.580053]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1784.580800]  ? mark_held_locks+0x9e/0xe0
[ 1784.581358]  ? trace_hardirqs_on+0x5b/0x180
[ 1784.581903]  alloc_pages_current+0x187/0x280
[ 1784.582486]  __vmalloc_node_range+0x60a/0x9e0
[ 1784.583066]  ? __vmalloc_node+0x110/0x110
[ 1784.583593]  ? up_write+0x191/0x550
[ 1784.584079]  ? down_write_killable+0x180/0x180
[ 1784.584662]  ? n_tty_open+0x16/0x170
[ 1784.585147]  __vmalloc_node+0xb5/0x110
[ 1784.585674]  ? n_tty_open+0x16/0x170
[ 1784.586182]  n_tty_open+0x16/0x170
[ 1784.586634]  ? n_tty_set_termios+0x1010/0x1010
[ 1784.587211]  tty_ldisc_open+0xa2/0x120
[ 1784.587706]  tty_ldisc_setup+0x90/0x100
[ 1784.588232]  tty_init_dev.part.0+0x1fa/0x610
[ 1784.588792]  ? pty_open+0x310/0x310
[ 1784.589281]  tty_init_dev+0x5b/0x80
[ 1784.589755]  ptmx_open+0x116/0x370
[ 1784.590240]  ? pty_open+0x310/0x310
[ 1784.590704]  chrdev_open+0x268/0x6e0
[ 1784.591176]  ? __unregister_chrdev+0x110/0x110
[ 1784.591754]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1784.596386]  do_dentry_open+0x4b7/0x1090
[ 1784.596906]  ? __unregister_chrdev+0x110/0x110
[ 1784.597524]  ? may_open+0x1e4/0x400
[ 1784.597992]  path_openat+0x19ba/0x2770
[ 1784.598528]  ? path_lookupat+0x860/0x860
[ 1784.599045]  ? lock_acquire+0x197/0x470
[ 1784.599548]  ? find_held_lock+0x2c/0x110
[ 1784.600093]  do_filp_open+0x190/0x3e0
[ 1784.608427]  ? may_open_dev+0xf0/0xf0
[ 1784.608927]  ? do_raw_spin_lock+0x121/0x260
[ 1784.609509]  ? rwlock_bug.part.0+0x90/0x90
[ 1784.610053]  ? _raw_spin_unlock+0x1a/0x30
[ 1784.610577]  ? alloc_fd+0x2e7/0x670
[ 1784.611051]  do_sys_openat2+0x171/0x4d0
[ 1784.616478]  ? build_open_flags+0x6f0/0x6f0
[ 1784.617025]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1784.617660]  ? wait_for_completion_io+0x270/0x270
[ 1784.618275]  __x64_sys_openat+0x13f/0x1f0
[ 1784.618799]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1784.619337]  ? ksys_write+0x1a9/0x260
[ 1784.619826]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1784.620556]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1784.621218]  do_syscall_64+0x33/0x40
[ 1784.621693]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1784.622342] RIP: 0033:0x7f05ed26ab19
[ 1784.622816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1784.625220] RSP: 002b:00007f05ea7e0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1784.626185] RAX: ffffffffffffffda RBX: 00007f05ed37df60 RCX: 00007f05ed26ab19
[ 1784.627084] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1784.627995] RBP: 00007f05ea7e01d0 R08: 0000000000000000 R09: 0000000000000000
[ 1784.628942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1784.629855] R13: 00007ffec1b9eb9f R14: 00007f05ea7e0300 R15: 0000000000022000
20:09:18 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 24)

[ 1784.762285] ptm ptm0: ldisc open failed (-12), clearing slot 0
[ 1784.762934] FAULT_INJECTION: forcing a failure.
[ 1784.762934] name failslab, interval 1, probability 0, space 0, times 0
[ 1784.764758] CPU: 1 PID: 9480 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1784.765663] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1784.766737] Call Trace:
[ 1784.767082]  dump_stack+0x107/0x167
[ 1784.767548]  should_fail.cold+0x5/0xa
[ 1784.768055]  ? create_object.isra.0+0x3a/0xa20
[ 1784.768642]  should_failslab+0x5/0x20
[ 1784.769121]  kmem_cache_alloc+0x5b/0x310
[ 1784.769676]  ? mark_held_locks+0x9e/0xe0
[ 1784.770200]  create_object.isra.0+0x3a/0xa20
[ 1784.771041]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1784.771692]  kmem_cache_alloc_bulk+0x168/0x320
[ 1784.772302]  io_submit_sqes+0x6fe6/0x8610
[ 1784.772853]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1784.773491]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1784.774141]  ? lock_downgrade+0x6d0/0x6d0
[ 1784.774695]  ? find_held_lock+0x2c/0x110
[ 1784.775215]  ? io_submit_sqes+0x8610/0x8610
[ 1784.775776]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1784.776407]  ? wait_for_completion_io+0x270/0x270
[ 1784.777027]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1784.777657]  ? vfs_write+0x354/0xb10
[ 1784.778139]  ? fput_many+0x2f/0x1a0
[ 1784.778632]  ? ksys_write+0x1a9/0x260
[ 1784.779107]  ? __ia32_sys_read+0xb0/0xb0
[ 1784.779621]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1784.780303]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1784.780847] FAULT_INJECTION: forcing a failure.
[ 1784.780847] name failslab, interval 1, probability 0, space 0, times 0
[ 1784.780956]  do_syscall_64+0x33/0x40
[ 1784.783178]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1784.783856] RIP: 0033:0x7fb7d3ecdb19
[ 1784.784346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1784.786670] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1784.787666] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1784.788574] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1784.789470] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1784.790413] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1784.791335] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1784.794815] FAULT_INJECTION: forcing a failure.
[ 1784.794815] name failslab, interval 1, probability 0, space 0, times 0
[ 1784.796291] CPU: 1 PID: 9473 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1784.797147] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1784.798221] Call Trace:
[ 1784.798588]  dump_stack+0x107/0x167
[ 1784.799045]  should_fail.cold+0x5/0xa
[ 1784.799518]  ? alloc_tty_struct+0x95/0x8e0
[ 1784.800078]  should_failslab+0x5/0x20
[ 1784.800562]  kmem_cache_alloc_trace+0x55/0x320
[ 1784.801138]  ? ptmx_open+0x107/0x370
[ 1784.801642]  ? pty_open+0x310/0x310
[ 1784.802118]  alloc_tty_struct+0x95/0x8e0
[ 1784.802663]  ? __do_SAK+0x30/0x30
[ 1784.803103]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1784.803705]  ? pty_open+0x310/0x310
[ 1784.804211]  tty_init_dev.part.0+0x20/0x610
[ 1784.804759]  ? pty_open+0x310/0x310
[ 1784.805219]  tty_init_dev+0x5b/0x80
[ 1784.805725]  ptmx_open+0x116/0x370
[ 1784.806183]  ? pty_open+0x310/0x310
[ 1784.806670]  chrdev_open+0x268/0x6e0
[ 1784.807139]  ? __unregister_chrdev+0x110/0x110
[ 1784.807710]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1784.808323]  do_dentry_open+0x4b7/0x1090
[ 1784.808840]  ? __unregister_chrdev+0x110/0x110
[ 1784.809416]  ? may_open+0x1e4/0x400
[ 1784.809930]  path_openat+0x19ba/0x2770
[ 1784.810440]  ? path_lookupat+0x860/0x860
[ 1784.810959]  ? lock_acquire+0x197/0x470
[ 1784.811466]  ? find_held_lock+0x2c/0x110
[ 1784.812000]  do_filp_open+0x190/0x3e0
[ 1784.812488]  ? may_open_dev+0xf0/0xf0
[ 1784.812974]  ? do_raw_spin_lock+0x121/0x260
[ 1784.813521]  ? rwlock_bug.part.0+0x90/0x90
[ 1784.814103]  ? _raw_spin_unlock+0x1a/0x30
[ 1784.814660]  ? alloc_fd+0x2e7/0x670
[ 1784.815132]  do_sys_openat2+0x171/0x4d0
[ 1784.815637]  ? build_open_flags+0x6f0/0x6f0
[ 1784.816200]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1784.816812]  ? wait_for_completion_io+0x270/0x270
[ 1784.817428]  __x64_sys_openat+0x13f/0x1f0
[ 1784.818006]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1784.818570]  ? ksys_write+0x1a9/0x260
[ 1784.819065]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1784.819727]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1784.820394]  do_syscall_64+0x33/0x40
[ 1784.820869]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1784.821508] RIP: 0033:0x7f7574521b19
[ 1784.822019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1784.824357] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1784.825365] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1784.826292] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1784.827186] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1784.828097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1784.829040] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
20:09:18 executing program 1:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2007, @fd=r0, 0x0, 0x0, 0x0, 0x9, 0x0, {0x0, r6}}, 0x80000001)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r7 = perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(r8, r7)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1784.836147] CPU: 0 PID: 9468 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1784.837145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1784.838198] Call Trace:
[ 1784.838533]  dump_stack+0x107/0x167
[ 1784.839000]  should_fail.cold+0x5/0xa
[ 1784.839470]  ? __kernfs_new_node+0xd4/0x860
[ 1784.840035]  should_failslab+0x5/0x20
[ 1784.840544]  kmem_cache_alloc+0x5b/0x310
[ 1784.841084]  __kernfs_new_node+0xd4/0x860
[ 1784.841660]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1784.842319]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1784.842989]  ? wait_for_completion_io+0x270/0x270
[ 1784.843627]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1784.844329]  kernfs_new_node+0x18d/0x250
[ 1784.844881]  __kernfs_create_file+0x51/0x350
[ 1784.845466]  sysfs_add_file_mode_ns+0x221/0x560
[ 1784.846099]  internal_create_group+0x324/0xb30
[ 1784.846727]  ? sysfs_remove_group+0x170/0x170
[ 1784.847344]  ? kernfs_add_one+0x124/0x4d0
[ 1784.847900]  ? kernfs_create_link+0x1b7/0x230
[ 1784.848506]  internal_create_groups.part.0+0x90/0x140
[ 1784.849197]  sysfs_create_groups+0x25/0x50
[ 1784.849756]  device_add+0x7a9/0x1c50
[ 1784.850261]  ? lockdep_init_map_type+0x2c7/0x780
[ 1784.850877]  ? devlink_add_symlinks+0x970/0x970
[ 1784.851484]  netdev_register_kobject+0x17a/0x3b0
[ 1784.852119]  register_netdevice+0xd6e/0x1480
[ 1784.852697]  ? netdev_change_features+0xb0/0xb0
[ 1784.853307]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1784.853879]  __tun_chr_ioctl+0x2156/0x3f60
[ 1784.854436]  ? lock_downgrade+0x6d0/0x6d0
[ 1784.854989]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1784.855618]  ? tun_chr_poll+0x700/0x700
[ 1784.856161]  ? wait_for_completion_io+0x270/0x270
[ 1784.856801]  ? selinux_file_ioctl+0xb6/0x270
[ 1784.857382]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1784.857969]  __x64_sys_ioctl+0x19a/0x210
[ 1784.858519]  do_syscall_64+0x33/0x40
[ 1784.859007]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1784.859679] RIP: 0033:0x7f7955930b19
[ 1784.860178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1784.862532] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1784.863523] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1784.864462] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1784.865385] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1784.866295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1784.867217] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:09:31 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 38)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:09:31 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2007, @fd=r0, 0x0, 0x0, 0x0, 0x9, 0x0, {0x0, r6}}, 0x80000001)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r7 = perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(r8, r7)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:09:31 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:09:31 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 25)

20:09:31 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 40)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:09:31 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 11)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:09:31 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 77)

[ 1798.595098] FAULT_INJECTION: forcing a failure.
[ 1798.595098] name failslab, interval 1, probability 0, space 0, times 0
[ 1798.596908] CPU: 1 PID: 9493 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1798.597846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1798.598921] Call Trace:
[ 1798.599274]  dump_stack+0x107/0x167
[ 1798.599753]  should_fail.cold+0x5/0xa
[ 1798.600261]  ? create_object.isra.0+0x3a/0xa20
[ 1798.601498]  should_failslab+0x5/0x20
[ 1798.602652]  kmem_cache_alloc+0x5b/0x310
[ 1798.603881]  create_object.isra.0+0x3a/0xa20
[ 1798.605228]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1798.606763]  kmem_cache_alloc_bulk+0x168/0x320
[ 1798.608143]  io_submit_sqes+0x6fe6/0x8610
[ 1798.609444]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1798.610942]  __do_sys_io_uring_enter+0x6b5/0x18c0
20:09:31 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r5=>r3, {0xffffffffffffff00}}, './file0\x00'})
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f0000000140), 0x4)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1798.612393]  ? lock_downgrade+0x6d0/0x6d0
[ 1798.617501]  ? find_held_lock+0x2c/0x110
[ 1798.618525]  ? io_submit_sqes+0x8610/0x8610
[ 1798.619611]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1798.620935]  ? wait_for_completion_io+0x270/0x270
[ 1798.622394]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1798.623790]  ? vfs_write+0x354/0xb10
[ 1798.624931]  ? fput_many+0x2f/0x1a0
[ 1798.626032]  ? ksys_write+0x1a9/0x260
[ 1798.627184]  ? __ia32_sys_read+0xb0/0xb0
[ 1798.628421]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1798.630009]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1798.631566]  do_syscall_64+0x33/0x40
[ 1798.632695]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1798.634249] RIP: 0033:0x7fb7d3ecdb19
[ 1798.635366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1798.640951] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1798.643240] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1798.645408] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1798.650316] FAULT_INJECTION: forcing a failure.
[ 1798.650316] name failslab, interval 1, probability 0, space 0, times 0
[ 1798.653813] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1798.653824] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1798.653834] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1798.658756] CPU: 0 PID: 9502 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1798.659584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1798.660922] Call Trace:
[ 1798.661267]  dump_stack+0x107/0x167
[ 1798.661731]  should_fail.cold+0x5/0xa
[ 1798.662225]  ? create_object.isra.0+0x3a/0xa20
[ 1798.662789]  should_failslab+0x5/0x20
[ 1798.663255]  kmem_cache_alloc+0x5b/0x310
[ 1798.663751]  create_object.isra.0+0x3a/0xa20
[ 1798.668593]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1798.669224]  kmem_cache_alloc+0x159/0x310
[ 1798.669733]  __kernfs_new_node+0xd4/0x860
[ 1798.670245]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1798.670826]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1798.671420]  ? wait_for_completion_io+0x270/0x270
[ 1798.672014]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1798.672708]  kernfs_new_node+0x18d/0x250
[ 1798.673229]  __kernfs_create_file+0x51/0x350
[ 1798.673765]  sysfs_add_file_mode_ns+0x221/0x560
[ 1798.674339]  internal_create_group+0x324/0xb30
[ 1798.674899]  ? sysfs_remove_group+0x170/0x170
[ 1798.675445]  ? kernfs_add_one+0x124/0x4d0
[ 1798.675952]  ? kernfs_create_link+0x1b7/0x230
[ 1798.676654]  internal_create_groups.part.0+0x90/0x140
[ 1798.677900]  sysfs_create_groups+0x25/0x50
[ 1798.678914]  device_add+0x7a9/0x1c50
[ 1798.679810]  ? lockdep_init_map_type+0x2c7/0x780
[ 1798.681108]  ? devlink_add_symlinks+0x970/0x970
[ 1798.682463]  netdev_register_kobject+0x17a/0x3b0
[ 1798.683835]  register_netdevice+0xd6e/0x1480
[ 1798.685122]  ? netdev_change_features+0xb0/0xb0
[ 1798.686469]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1798.687723]  __tun_chr_ioctl+0x2156/0x3f60
[ 1798.688955]  ? lock_downgrade+0x6d0/0x6d0
[ 1798.690154]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1798.691547]  ? tun_chr_poll+0x700/0x700
[ 1798.692706]  ? wait_for_completion_io+0x270/0x270
[ 1798.694108]  ? selinux_file_ioctl+0xb6/0x270
[ 1798.695381]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1798.696721]  __x64_sys_ioctl+0x19a/0x210
[ 1798.697896]  do_syscall_64+0x33/0x40
[ 1798.698969]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1798.700455] RIP: 0033:0x7f7955930b19
[ 1798.701533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1798.706844] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1798.709029] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1798.711084] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1798.713143] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1798.715201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1798.717265] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1798.735681] FAULT_INJECTION: forcing a failure.
[ 1798.735681] name failslab, interval 1, probability 0, space 0, times 0
[ 1798.739059] CPU: 0 PID: 9505 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1798.741125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1798.743291] Call Trace:
[ 1798.743971]  dump_stack+0x107/0x167
[ 1798.744700]  should_fail.cold+0x5/0xa
[ 1798.745167]  ? create_object.isra.0+0x3a/0xa20
[ 1798.745724]  should_failslab+0x5/0x20
[ 1798.746189]  kmem_cache_alloc+0x5b/0x310
[ 1798.746686]  create_object.isra.0+0x3a/0xa20
[ 1798.747222]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1798.747840]  kmem_cache_alloc_trace+0x151/0x320
20:09:32 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = fsmount(0xffffffffffffffff, 0x1, 0x1b)
recvmmsg(r5, &(0x7f0000000440)=[{{&(0x7f0000000100)=@un=@abs, 0x80, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/131, 0x83}, {&(0x7f0000000300)=""/137, 0x89}], 0x2, &(0x7f00000003c0)=""/108, 0x6c}, 0x7}], 0x1, 0x2, 0x0)
recvmmsg(r3, &(0x7f0000004dc0)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000500)=""/6, 0x6}, {&(0x7f0000000540)=""/9, 0x9}, {&(0x7f0000000580)=""/136, 0x88}, {&(0x7f0000000640)=""/45, 0x2d}, {&(0x7f0000000680)=""/50, 0x32}], 0x5}, 0x80000000}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000740)=""/17, 0x11}, {&(0x7f0000000780)=""/206, 0xce}], 0x2, &(0x7f00000008c0)}, 0x9}, {{&(0x7f0000000900)=@nfc_llcp, 0x80, &(0x7f0000001b80)=[{&(0x7f0000000980)=""/64, 0x40}, {&(0x7f00000009c0)=""/95, 0x5f}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000001a40)=""/205, 0xcd}, {&(0x7f0000001b40)=""/33, 0x21}], 0x5, &(0x7f0000001c00)=""/81, 0x51}, 0x20}, {{&(0x7f0000001c80)=@vsock={0x28, 0x0, 0x0, @host}, 0x80, &(0x7f0000001ec0)=[{&(0x7f0000001d00)=""/174, 0xae}, {&(0x7f0000001dc0)=""/33, 0x21}, {&(0x7f0000001e00)=""/147, 0x93}], 0x3, &(0x7f0000001f00)=""/175, 0xaf}, 0x1000}, {{&(0x7f0000001fc0)=@qipcrtr, 0x80, &(0x7f0000002100)=[{&(0x7f0000002040)=""/78, 0x4e}, {&(0x7f00000020c0)=""/52, 0x34}], 0x2}}, {{&(0x7f0000002140)=@vsock, 0x80, &(0x7f0000002240)=[{&(0x7f00000021c0)=""/86, 0x56}], 0x1, &(0x7f0000002280)=""/91, 0x5b}, 0x2}, {{&(0x7f0000002300)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f00000035c0)=[{&(0x7f0000002380)=""/203, 0xcb}, {&(0x7f0000002480)=""/4096, 0x1000}, {&(0x7f0000003480)=""/42, 0x2a}, {&(0x7f00000034c0)=""/86, 0x56}, {&(0x7f0000003540)=""/35, 0x23}, {&(0x7f0000003580)=""/45, 0x2d}], 0x6, &(0x7f0000003640)=""/4096, 0x1000}, 0x5}, {{&(0x7f0000004640)=@hci, 0x80, &(0x7f0000004980)=[{&(0x7f00000046c0)=""/186, 0xba}, {&(0x7f0000004780)=""/219, 0xdb}, {&(0x7f0000004880)=""/110, 0x6e}, {&(0x7f0000004900)=""/107, 0x6b}], 0x4, &(0x7f00000049c0)=""/111, 0x6f}, 0x26d}, {{&(0x7f0000004a40)=@pppol2tpv3, 0x80, &(0x7f0000004cc0)=[{&(0x7f0000004ac0)=""/13, 0xd}, {&(0x7f0000004b00)=""/60, 0x3c}, {&(0x7f0000004b40)=""/10, 0xa}, {&(0x7f0000004b80)=""/255, 0xff}, {&(0x7f0000004c80)=""/12, 0xc}], 0x5, &(0x7f0000004d40)=""/80, 0x50}, 0xb78}], 0x9, 0x10001, &(0x7f0000005000)={0x77359400})
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1798.748461]  ? ptmx_open+0x107/0x370
[ 1798.764887]  ? pty_open+0x310/0x310
[ 1798.765363]  alloc_tty_struct+0x95/0x8e0
[ 1798.765889]  ? __do_SAK+0x30/0x30
[ 1798.766342]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1798.766963]  ? pty_open+0x310/0x310
[ 1798.767428]  tty_init_dev.part.0+0x20/0x610
[ 1798.767981]  ? pty_open+0x310/0x310
[ 1798.768456]  tty_init_dev+0x5b/0x80
[ 1798.768927]  ptmx_open+0x116/0x370
[ 1798.769385]  ? pty_open+0x310/0x310
[ 1798.769851]  chrdev_open+0x268/0x6e0
[ 1798.770331]  ? __unregister_chrdev+0x110/0x110
[ 1798.770920]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1798.771524]  do_dentry_open+0x4b7/0x1090
[ 1798.772045]  ? __unregister_chrdev+0x110/0x110
[ 1798.772646]  ? may_open+0x1e4/0x400
[ 1798.773114]  path_openat+0x19ba/0x2770
[ 1798.773623]  ? path_lookupat+0x860/0x860
[ 1798.774149]  ? lock_acquire+0x197/0x470
[ 1798.774656]  ? find_held_lock+0x2c/0x110
[ 1798.775186]  do_filp_open+0x190/0x3e0
[ 1798.775673]  ? may_open_dev+0xf0/0xf0
[ 1798.776172]  ? do_raw_spin_lock+0x121/0x260
[ 1798.776740]  ? rwlock_bug.part.0+0x90/0x90
[ 1798.777288]  ? _raw_spin_unlock+0x1a/0x30
[ 1798.777819]  ? alloc_fd+0x2e7/0x670
[ 1798.778299]  do_sys_openat2+0x171/0x4d0
[ 1798.778812]  ? build_open_flags+0x6f0/0x6f0
[ 1798.779368]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1798.779988]  ? wait_for_completion_io+0x270/0x270
[ 1798.796682]  __x64_sys_openat+0x13f/0x1f0
[ 1798.797217]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1798.797756]  ? ksys_write+0x1a9/0x260
[ 1798.798251]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1798.798918]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1798.799584]  do_syscall_64+0x33/0x40
[ 1798.800062]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1798.800737] RIP: 0033:0x7f7574521b19
[ 1798.801216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1798.803554] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1798.804553] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1798.805466] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1798.806373] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1798.807285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1798.808196] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1798.852140] FAULT_INJECTION: forcing a failure.
[ 1798.852140] name failslab, interval 1, probability 0, space 0, times 0
[ 1798.853711] CPU: 1 PID: 9515 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1798.854588] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1798.855664] Call Trace:
[ 1798.856014]  dump_stack+0x107/0x167
[ 1798.856499]  should_fail.cold+0x5/0xa
[ 1798.857002]  ? create_object.isra.0+0x3a/0xa20
[ 1798.857596]  should_failslab+0x5/0x20
[ 1798.858098]  kmem_cache_alloc+0x5b/0x310
[ 1798.858630]  ? mark_held_locks+0x9e/0xe0
[ 1798.859160]  create_object.isra.0+0x3a/0xa20
[ 1798.859727]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1798.860386]  kmem_cache_alloc_bulk+0x168/0x320
[ 1798.861012]  io_submit_sqes+0x6fe6/0x8610
[ 1798.861586]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1798.862245]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1798.862888]  ? lock_downgrade+0x6d0/0x6d0
[ 1798.863435]  ? find_held_lock+0x2c/0x110
[ 1798.863978]  ? io_submit_sqes+0x8610/0x8610
[ 1798.864584]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1798.865229]  ? wait_for_completion_io+0x270/0x270
[ 1798.865852]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1798.866453]  ? vfs_write+0x354/0xb10
[ 1798.866941]  ? fput_many+0x2f/0x1a0
[ 1798.867440]  ? ksys_write+0x1a9/0x260
[ 1798.867948]  ? __ia32_sys_read+0xb0/0xb0
[ 1798.868507]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1798.869206]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1798.869900]  do_syscall_64+0x33/0x40
[ 1798.870396]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1798.871065] RIP: 0033:0x7fb7d3ecdb19
[ 1798.871558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1798.873987] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1798.874993] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1798.875932] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1798.876878] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1798.877796] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1798.878718] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
20:09:32 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 26)

[ 1799.033215] FAULT_INJECTION: forcing a failure.
[ 1799.033215] name failslab, interval 1, probability 0, space 0, times 0
[ 1799.041476] CPU: 1 PID: 9513 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1799.042343] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1799.043375] Call Trace:
[ 1799.043719]  dump_stack+0x107/0x167
[ 1799.044182]  should_fail.cold+0x5/0xa
[ 1799.044689]  ? __kernfs_new_node+0xd4/0x860
[ 1799.045237]  should_failslab+0x5/0x20
[ 1799.045722]  kmem_cache_alloc+0x5b/0x310
[ 1799.046240]  __kernfs_new_node+0xd4/0x860
[ 1799.046768]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1799.047371]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1799.047981]  ? wait_for_completion_io+0x270/0x270
[ 1799.048606]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1799.049270]  kernfs_new_node+0x18d/0x250
[ 1799.049786]  __kernfs_create_file+0x51/0x350
[ 1799.050343]  sysfs_add_file_mode_ns+0x221/0x560
[ 1799.050940]  internal_create_group+0x324/0xb30
[ 1799.051522]  ? sysfs_remove_group+0x170/0x170
[ 1799.052090]  ? kernfs_add_one+0x124/0x4d0
[ 1799.052632]  ? kernfs_create_link+0x1b7/0x230
[ 1799.053202]  internal_create_groups.part.0+0x90/0x140
[ 1799.053860]  sysfs_create_groups+0x25/0x50
[ 1799.054396]  device_add+0x7a9/0x1c50
[ 1799.054874]  ? lockdep_init_map_type+0x2c7/0x780
[ 1799.055472]  ? devlink_add_symlinks+0x970/0x970
[ 1799.056067]  netdev_register_kobject+0x17a/0x3b0
[ 1799.056691]  register_netdevice+0xd6e/0x1480
[ 1799.057252]  ? netdev_change_features+0xb0/0xb0
[ 1799.057850]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1799.058404]  __tun_chr_ioctl+0x2156/0x3f60
[ 1799.058944]  ? lock_downgrade+0x6d0/0x6d0
[ 1799.059469]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1799.060078]  ? tun_chr_poll+0x700/0x700
[ 1799.060604]  ? wait_for_completion_io+0x270/0x270
[ 1799.061226]  ? selinux_file_ioctl+0xb6/0x270
[ 1799.061782]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1799.062353]  __x64_sys_ioctl+0x19a/0x210
[ 1799.062871]  do_syscall_64+0x33/0x40
[ 1799.063341]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1799.063992] RIP: 0033:0x7fc68ced6b19
[ 1799.064477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1799.066782] RSP: 002b:00007fc68a42b188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1799.067737] RAX: ffffffffffffffda RBX: 00007fc68cfea020 RCX: 00007fc68ced6b19
[ 1799.068634] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1799.069516] RBP: 00007fc68a42b1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1799.070406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1799.071299] R13: 00007ffdbad4d89f R14: 00007fc68a42b300 R15: 0000000000022000
20:09:32 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 27)

20:09:32 executing program 1:
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={<r0=>0x0}, &(0x7f0000000140)=0xc)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x400a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r4, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:09:32 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1799.147432] FAULT_INJECTION: forcing a failure.
[ 1799.147432] name failslab, interval 1, probability 0, space 0, times 0
[ 1799.149160] CPU: 1 PID: 9521 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1799.150014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1799.151048] Call Trace:
[ 1799.151389]  dump_stack+0x107/0x167
[ 1799.151850]  should_fail.cold+0x5/0xa
[ 1799.152336]  ? create_object.isra.0+0x3a/0xa20
[ 1799.152940]  should_failslab+0x5/0x20
[ 1799.153421]  kmem_cache_alloc+0x5b/0x310
[ 1799.153936]  ? mark_held_locks+0x9e/0xe0
[ 1799.154441]  create_object.isra.0+0x3a/0xa20
[ 1799.154990]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1799.155628]  kmem_cache_alloc_bulk+0x168/0x320
[ 1799.156212]  io_submit_sqes+0x6fe6/0x8610
[ 1799.156783]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1799.157415]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1799.158029]  ? lock_downgrade+0x6d0/0x6d0
[ 1799.158551]  ? find_held_lock+0x2c/0x110
[ 1799.159077]  ? io_submit_sqes+0x8610/0x8610
[ 1799.159629]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1799.160240]  ? wait_for_completion_io+0x270/0x270
[ 1799.160875]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1799.161462]  ? vfs_write+0x354/0xb10
[ 1799.161941]  ? fput_many+0x2f/0x1a0
[ 1799.162400]  ? ksys_write+0x1a9/0x260
[ 1799.162879]  ? __ia32_sys_read+0xb0/0xb0
[ 1799.163385]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1799.164042]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1799.164717]  do_syscall_64+0x33/0x40
[ 1799.165188]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1799.165833] RIP: 0033:0x7fb7d3ecdb19
[ 1799.166303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1799.168606] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1799.169561] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1799.170462] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1799.171360] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1799.172247] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1799.173162] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
20:09:45 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 39)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:09:45 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 28)

20:09:45 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:09:45 executing program 1:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000300)}, 0x10004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB="2c7766646e6f3dd147424dcd9c8e57688de49d8b433bf6347a272bb0bff8b6", @ANYRESHEX=r2, @ANYBLOB=',msize=0x0000000000800003,\x00'])
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000440)=0x9)
r3 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0xe881aa4e59a39228, 0x0, @fd_index=0xa, 0x400000000001}, 0x6)
mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x100000e, 0x13, r3, 0x0)
fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000340), &(0x7f0000000400)='./file0/../file0\x00', 0x11, 0x1)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r3, 0x8000000)
r8 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x4000, 0x0)
ioctl$RTC_UIE_ON(r8, 0x7003)
syz_io_uring_setup(0x274, &(0x7f00000001c0)={0x0, 0x5649, 0x2, 0x3, 0x30c, 0x0, r3}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000240)=<r9=>0x0)
pipe(&(0x7f00000001c0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r12}, 0x2c, {'wfdno', 0x3d, r13}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000005, 0x11, r13, 0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r11}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
syz_io_uring_submit(r7, r9, &(0x7f00000002c0)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x0, 0x0, r11, 0x0, r6, 0x2, 0x0, 0x1}, 0x80000005)
io_uring_enter(r3, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1812.635690] FAULT_INJECTION: forcing a failure.
[ 1812.635690] name failslab, interval 1, probability 0, space 0, times 0
[ 1812.639479] CPU: 1 PID: 9541 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1812.641668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1812.644319] Call Trace:
[ 1812.645176]  dump_stack+0x107/0x167
[ 1812.646329]  should_fail.cold+0x5/0xa
[ 1812.647527]  ? create_object.isra.0+0x3a/0xa20
[ 1812.649073]  should_failslab+0x5/0x20
[ 1812.650315]  kmem_cache_alloc+0x5b/0x310
[ 1812.651600]  create_object.isra.0+0x3a/0xa20
[ 1812.653035]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1812.654647]  kmem_cache_alloc_trace+0x151/0x320
20:09:45 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 12)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:09:45 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc03, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:09:46 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2007, @fd=r0, 0x0, 0x0, 0x0, 0x9, 0x0, {0x0, r6}}, 0x80000001)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r7 = perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(r8, r7)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:09:46 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 78)

[ 1812.656115]  ? pty_open+0x310/0x310
[ 1812.657489]  tty_ldisc_get.part.0+0x70/0x180
[ 1812.658735]  tty_ldisc_init+0x15/0x90
[ 1812.659796]  alloc_tty_struct+0x119/0x8e0
[ 1812.661006]  ? __do_SAK+0x30/0x30
[ 1812.661981]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1812.663347]  ? pty_open+0x310/0x310
[ 1812.664361]  tty_init_dev.part.0+0x20/0x610
[ 1812.665665]  ? pty_open+0x310/0x310
[ 1812.666686]  tty_init_dev+0x5b/0x80
[ 1812.667712]  ptmx_open+0x116/0x370
[ 1812.668710]  ? pty_open+0x310/0x310
[ 1812.669774]  chrdev_open+0x268/0x6e0
[ 1812.670815]  ? __unregister_chrdev+0x110/0x110
[ 1812.672110]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1812.673457]  do_dentry_open+0x4b7/0x1090
[ 1812.674607]  ? __unregister_chrdev+0x110/0x110
[ 1812.675886]  ? may_open+0x1e4/0x400
[ 1812.676926]  path_openat+0x19ba/0x2770
[ 1812.678148]  ? path_lookupat+0x860/0x860
[ 1812.679307]  ? lock_acquire+0x197/0x470
[ 1812.680415]  ? find_held_lock+0x2c/0x110
[ 1812.681603]  do_filp_open+0x190/0x3e0
[ 1812.682673]  ? may_open_dev+0xf0/0xf0
[ 1812.683757]  ? do_raw_spin_lock+0x121/0x260
[ 1812.685000]  ? rwlock_bug.part.0+0x90/0x90
[ 1812.686203]  ? _raw_spin_unlock+0x1a/0x30
[ 1812.687363]  ? alloc_fd+0x2e7/0x670
[ 1812.688396]  do_sys_openat2+0x171/0x4d0
[ 1812.689539]  ? finish_task_switch+0xef/0x5d0
[ 1812.690784]  ? __switch_to+0x572/0xf70
[ 1812.691869]  ? __switch_to_asm+0x3a/0x60
[ 1812.693053]  ? build_open_flags+0x6f0/0x6f0
[ 1812.694266]  ? __schedule+0x82c/0x1ea0
[ 1812.695373]  __x64_sys_openat+0x13f/0x1f0
[ 1812.696532]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1812.697756]  ? ksys_write+0x1a9/0x260
[ 1812.698823]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1812.700307]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1812.701792]  do_syscall_64+0x33/0x40
[ 1812.702846]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1812.704290] RIP: 0033:0x7f7574521b19
[ 1812.705373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1812.710660] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1812.712817] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1812.714858] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1812.716890] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1812.718940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1812.721000] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1812.742150] FAULT_INJECTION: forcing a failure.
[ 1812.742150] name failslab, interval 1, probability 0, space 0, times 0
[ 1812.746717] CPU: 1 PID: 9548 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1812.748671] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1812.751056] Call Trace:
[ 1812.751801]  dump_stack+0x107/0x167
[ 1812.752818]  should_fail.cold+0x5/0xa
[ 1812.753930]  ? create_object.isra.0+0x3a/0xa20
[ 1812.755215]  should_failslab+0x5/0x20
[ 1812.756291]  kmem_cache_alloc+0x5b/0x310
[ 1812.757466]  create_object.isra.0+0x3a/0xa20
[ 1812.758714]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1812.760142]  kmem_cache_alloc+0x159/0x310
[ 1812.761354]  __kernfs_new_node+0xd4/0x860
[ 1812.762520]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1812.764007]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1812.765374]  ? lock_acquire+0x197/0x470
[ 1812.766502]  ? find_held_lock+0x2c/0x110
[ 1812.767645]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1812.769044]  kernfs_new_node+0x18d/0x250
[ 1812.770184]  kernfs_create_link+0xcb/0x230
[ 1812.771388]  sysfs_do_create_link_sd+0x90/0x140
[ 1812.772691]  sysfs_create_link+0x5f/0xc0
[ 1812.773886]  device_add+0x703/0x1c50
[ 1812.774928]  ? lockdep_init_map_type+0x2c7/0x780
[ 1812.776266]  ? devlink_add_symlinks+0x970/0x970
[ 1812.777622]  netdev_register_kobject+0x17a/0x3b0
[ 1812.778973]  register_netdevice+0xd6e/0x1480
[ 1812.780208]  ? netdev_change_features+0xb0/0xb0
[ 1812.781565]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1812.782781]  __tun_chr_ioctl+0x2156/0x3f60
[ 1812.783978]  ? lock_downgrade+0x6d0/0x6d0
[ 1812.785174]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1812.786544]  ? tun_chr_poll+0x700/0x700
[ 1812.787657]  ? wait_for_completion_io+0x270/0x270
[ 1812.789064]  ? selinux_file_ioctl+0xb6/0x270
[ 1812.790299]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1812.791568]  __x64_sys_ioctl+0x19a/0x210
[ 1812.792703]  do_syscall_64+0x33/0x40
[ 1812.793788]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1812.795237] RIP: 0033:0x7fc68ced6b19
[ 1812.796288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1812.801591] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1812.803745] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1812.805795] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1812.807826] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1812.809880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1812.811914] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1812.822392] FAULT_INJECTION: forcing a failure.
[ 1812.822392] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1812.825818] CPU: 1 PID: 9535 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1812.827760] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1812.830146] Call Trace:
[ 1812.830884]  dump_stack+0x107/0x167
[ 1812.831901]  should_fail.cold+0x5/0xa
[ 1812.833011]  __alloc_pages_nodemask+0x182/0x600
[ 1812.834322]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1812.836041]  alloc_pages_current+0x187/0x280
[ 1812.837310]  allocate_slab+0x26f/0x380
[ 1812.838421]  ___slab_alloc+0x470/0x700
[ 1812.839512]  ? create_object.isra.0+0x3a/0xa20
[ 1812.840806]  ? lock_release+0x680/0x680
[ 1812.841952]  ? create_object.isra.0+0x3a/0xa20
[ 1812.843253]  ? kmem_cache_alloc+0x301/0x310
[ 1812.844461]  ? create_object.isra.0+0x3a/0xa20
[ 1812.845788]  kmem_cache_alloc+0x301/0x310
[ 1812.847010]  create_object.isra.0+0x3a/0xa20
[ 1812.848334]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1812.849834]  kmem_cache_alloc_bulk+0x168/0x320
[ 1812.851177]  io_submit_sqes+0x6fe6/0x8610
[ 1812.852401]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1812.853866]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1812.855273]  ? lock_downgrade+0x6d0/0x6d0
[ 1812.856478]  ? find_held_lock+0x2c/0x110
[ 1812.857664]  ? io_submit_sqes+0x8610/0x8610
[ 1812.858929]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1812.860335]  ? wait_for_completion_io+0x270/0x270
[ 1812.861754]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1812.863100]  ? vfs_write+0x354/0xb10
[ 1812.864179]  ? fput_many+0x2f/0x1a0
[ 1812.865235]  ? ksys_write+0x1a9/0x260
[ 1812.866342]  ? __ia32_sys_read+0xb0/0xb0
[ 1812.867516]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1812.869053]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1812.870563]  do_syscall_64+0x33/0x40
[ 1812.871645]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1812.873149] RIP: 0033:0x7fb7d3ecdb19
[ 1812.874228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1812.879656] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1812.881888] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1812.883964] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1812.886059] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1812.888137] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1812.890240] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1812.919701] FAULT_INJECTION: forcing a failure.
[ 1812.919701] name failslab, interval 1, probability 0, space 0, times 0
[ 1812.922703] CPU: 0 PID: 9539 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1812.924888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1812.927603] Call Trace:
[ 1812.928425]  dump_stack+0x107/0x167
[ 1812.929026]  should_fail.cold+0x5/0xa
[ 1812.929663]  ? __kernfs_new_node+0xd4/0x860
[ 1812.930380]  should_failslab+0x5/0x20
[ 1812.930992]  kmem_cache_alloc+0x5b/0x310
[ 1812.931671]  __kernfs_new_node+0xd4/0x860
[ 1812.932380]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1812.933173]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1812.933963]  ? wait_for_completion_io+0x270/0x270
[ 1812.934751]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1812.935611]  kernfs_new_node+0x18d/0x250
[ 1812.936274]  __kernfs_create_file+0x51/0x350
[ 1812.937002]  sysfs_add_file_mode_ns+0x221/0x560
[ 1812.937776]  internal_create_group+0x324/0xb30
[ 1812.938530]  ? sysfs_remove_group+0x170/0x170
[ 1812.939264]  ? kernfs_add_one+0x124/0x4d0
[ 1812.939946]  ? kernfs_create_link+0x1b7/0x230
[ 1812.940676]  internal_create_groups.part.0+0x90/0x140
[ 1812.941533]  sysfs_create_groups+0x25/0x50
[ 1812.942225]  device_add+0x7a9/0x1c50
[ 1812.942834]  ? lockdep_init_map_type+0x2c7/0x780
[ 1812.943605]  ? devlink_add_symlinks+0x970/0x970
[ 1812.944308]  netdev_register_kobject+0x17a/0x3b0
[ 1812.944888]  register_netdevice+0xd6e/0x1480
[ 1812.945434]  ? netdev_change_features+0xb0/0xb0
[ 1812.946002]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1812.946535]  __tun_chr_ioctl+0x2156/0x3f60
[ 1812.947051]  ? lock_downgrade+0x6d0/0x6d0
[ 1812.947557]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1812.948143]  ? tun_chr_poll+0x700/0x700
[ 1812.948629]  ? wait_for_completion_io+0x270/0x270
[ 1812.949231]  ? selinux_file_ioctl+0xb6/0x270
[ 1812.949771]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1812.950327]  __x64_sys_ioctl+0x19a/0x210
[ 1812.950824]  do_syscall_64+0x33/0x40
[ 1812.951280]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1812.951918] RIP: 0033:0x7f7955930b19
[ 1812.952373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1812.957393] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1812.958644] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1812.960932] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1812.963194] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1812.965478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1812.967732] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:10:00 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)
process_vm_writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f00000001c0)=""/194, 0xc2}, {&(0x7f0000000100)=""/63, 0x3f}, {&(0x7f0000000140)=""/32, 0x20}, {&(0x7f0000000300)=""/61, 0x3d}, {&(0x7f0000000340)=""/108, 0x6c}, {&(0x7f00000003c0)=""/15, 0xf}], 0x6, &(0x7f0000000540)=[{&(0x7f0000000500)=""/8, 0x8}], 0x1, 0x0)

20:10:00 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:10:00 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:10:00 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 29)

20:10:00 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 13)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:10:00 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 40)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:10:00 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc06, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:10:00 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 79)

[ 1826.824966] FAULT_INJECTION: forcing a failure.
[ 1826.824966] name failslab, interval 1, probability 0, space 0, times 0
[ 1826.825097] FAULT_INJECTION: forcing a failure.
[ 1826.825097] name failslab, interval 1, probability 0, space 0, times 0
[ 1826.826702] CPU: 1 PID: 9569 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1826.826716] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1826.826732] Call Trace:
[ 1826.830424]  dump_stack+0x107/0x167
[ 1826.830869]  should_fail.cold+0x5/0xa
[ 1826.831338]  should_failslab+0x5/0x20
[ 1826.831801]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1826.832350]  io_submit_sqes+0x6fe6/0x8610
[ 1826.832871]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1826.833514]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1826.834117]  ? lock_downgrade+0x6d0/0x6d0
[ 1826.834618]  ? find_held_lock+0x2c/0x110
[ 1826.835112]  ? io_submit_sqes+0x8610/0x8610
[ 1826.835642]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1826.836227]  ? wait_for_completion_io+0x270/0x270
[ 1826.836812]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1826.837375]  ? vfs_write+0x354/0xb10
[ 1826.837866]  ? fput_many+0x2f/0x1a0
[ 1826.838309]  ? ksys_write+0x1a9/0x260
[ 1826.838770]  ? __ia32_sys_read+0xb0/0xb0
[ 1826.839263]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1826.839895]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1826.840518]  do_syscall_64+0x33/0x40
[ 1826.840967]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1826.841627] RIP: 0033:0x7fb7d3ecdb19
[ 1826.842079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1826.844302] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1826.845221] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1826.846131] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1826.846995] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1826.847854] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1826.848715] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1826.849640] CPU: 0 PID: 9576 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1826.850486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1826.851496] Call Trace:
[ 1826.851831]  dump_stack+0x107/0x167
[ 1826.857440]  should_fail.cold+0x5/0xa
[ 1826.857917]  ? pty_unix98_install+0xd0/0x980
[ 1826.858454]  should_failslab+0x5/0x20
[ 1826.858917]  kmem_cache_alloc_trace+0x55/0x320
[ 1826.859475]  pty_unix98_install+0xd0/0x980
[ 1826.859989]  ? pty_unthrottle+0x60/0x60
[ 1826.860477]  ? pty_open+0x310/0x310
[ 1826.860920]  tty_init_dev.part.0+0xa0/0x610
[ 1826.861460]  ? pty_open+0x310/0x310
[ 1826.861902]  tty_init_dev+0x5b/0x80
[ 1826.862350]  ptmx_open+0x116/0x370
[ 1826.862787]  ? pty_open+0x310/0x310
[ 1826.863232]  chrdev_open+0x268/0x6e0
[ 1826.863686]  ? __unregister_chrdev+0x110/0x110
[ 1826.864245]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1826.864814]  do_dentry_open+0x4b7/0x1090
[ 1826.865310]  ? __unregister_chrdev+0x110/0x110
[ 1826.865443] FAULT_INJECTION: forcing a failure.
[ 1826.865443] name failslab, interval 1, probability 0, space 0, times 0
[ 1826.865880]  ? may_open+0x1e4/0x400
[ 1826.865897]  path_openat+0x19ba/0x2770
[ 1826.868165]  ? path_lookupat+0x860/0x860
[ 1826.868664]  ? lock_acquire+0x197/0x470
[ 1826.869147]  ? find_held_lock+0x2c/0x110
[ 1826.869666]  do_filp_open+0x190/0x3e0
[ 1826.870128]  ? may_open_dev+0xf0/0xf0
[ 1826.870601]  ? do_raw_spin_lock+0x121/0x260
[ 1826.871129]  ? rwlock_bug.part.0+0x90/0x90
[ 1826.871652]  ? _raw_spin_unlock+0x1a/0x30
[ 1826.872156]  ? alloc_fd+0x2e7/0x670
[ 1826.872608]  do_sys_openat2+0x171/0x4d0
[ 1826.873095]  ? build_open_flags+0x6f0/0x6f0
[ 1826.873631]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1826.874221]  ? wait_for_completion_io+0x270/0x270
[ 1826.874809]  __x64_sys_openat+0x13f/0x1f0
[ 1826.875312]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1826.875823]  ? ksys_write+0x1a9/0x260
[ 1826.876291]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1826.876924]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1826.877568]  do_syscall_64+0x33/0x40
[ 1826.878021]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1826.878642] RIP: 0033:0x7f7574521b19
[ 1826.879095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1826.881319] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1826.882259] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1826.883123] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1826.883984] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1826.884847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1826.885726] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1826.886614] CPU: 1 PID: 9579 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1826.887465] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1826.888468] Call Trace:
[ 1826.888795]  dump_stack+0x107/0x167
[ 1826.889237]  should_fail.cold+0x5/0xa
[ 1826.889743]  ? create_object.isra.0+0x3a/0xa20
[ 1826.890300]  should_failslab+0x5/0x20
[ 1826.890761]  kmem_cache_alloc+0x5b/0x310
[ 1826.891262]  create_object.isra.0+0x3a/0xa20
[ 1826.891795]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1826.892411]  kmem_cache_alloc+0x159/0x310
[ 1826.892920]  __kernfs_new_node+0xd4/0x860
[ 1826.893451]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1826.894062]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1826.894652]  ? wait_for_completion_io+0x270/0x270
[ 1826.895239]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1826.895877]  kernfs_new_node+0x18d/0x250
[ 1826.896375]  __kernfs_create_file+0x51/0x350
[ 1826.896914]  sysfs_add_file_mode_ns+0x221/0x560
[ 1826.897520]  internal_create_group+0x324/0xb30
[ 1826.898109]  ? sysfs_remove_group+0x170/0x170
[ 1826.898653]  ? kernfs_add_one+0x124/0x4d0
[ 1826.899157]  ? kernfs_create_link+0x1b7/0x230
[ 1826.899710]  internal_create_groups.part.0+0x90/0x140
[ 1826.900345]  sysfs_create_groups+0x25/0x50
[ 1826.900858]  device_add+0x7a9/0x1c50
[ 1826.901314]  ? lockdep_init_map_type+0x2c7/0x780
[ 1826.901922]  ? devlink_add_symlinks+0x970/0x970
[ 1826.902495]  netdev_register_kobject+0x17a/0x3b0
[ 1826.903071]  register_netdevice+0xd6e/0x1480
[ 1826.903607]  ? netdev_change_features+0xb0/0xb0
[ 1826.904177]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1826.904713]  __tun_chr_ioctl+0x2156/0x3f60
[ 1826.905229]  ? lock_downgrade+0x6d0/0x6d0
[ 1826.905773]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1826.906365]  ? tun_chr_poll+0x700/0x700
[ 1826.906847]  ? wait_for_completion_io+0x270/0x270
[ 1826.907441]  ? selinux_file_ioctl+0xb6/0x270
[ 1826.907986]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1826.908540]  __x64_sys_ioctl+0x19a/0x210
[ 1826.909045]  do_syscall_64+0x33/0x40
[ 1826.909536]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1826.910168] RIP: 0033:0x7f7955930b19
[ 1826.910623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1826.912868] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1826.913831] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1826.914696] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1826.915555] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1826.916415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1826.917278] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1826.952364] FAULT_INJECTION: forcing a failure.
[ 1826.952364] name failslab, interval 1, probability 0, space 0, times 0
[ 1826.953851] CPU: 0 PID: 9572 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1826.954679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1826.955855] Call Trace:
[ 1826.956193]  dump_stack+0x107/0x167
[ 1826.956640]  should_fail.cold+0x5/0xa
[ 1826.957108]  ? create_object.isra.0+0x3a/0xa20
[ 1826.957687]  should_failslab+0x5/0x20
[ 1826.958160]  kmem_cache_alloc+0x5b/0x310
[ 1826.958661]  create_object.isra.0+0x3a/0xa20
[ 1826.959200]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1826.959820]  kmem_cache_alloc+0x159/0x310
[ 1826.960334]  __kernfs_new_node+0xd4/0x860
[ 1826.960839]  ? kernfs_activate+0x2c/0x1d0
[ 1826.961349]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1826.961951]  ? lock_release+0x680/0x680
[ 1826.962445]  ? find_held_lock+0x2c/0x110
[ 1826.962944]  kernfs_new_node+0x18d/0x250
[ 1826.963445]  __kernfs_create_file+0x51/0x350
[ 1826.963983]  sysfs_add_file_mode_ns+0x221/0x560
[ 1826.964559]  internal_create_group+0x324/0xb30
[ 1826.965121]  ? sysfs_remove_group+0x170/0x170
[ 1826.965685]  ? kernfs_add_one+0x124/0x4d0
[ 1826.966195]  ? kernfs_create_link+0x1b7/0x230
[ 1826.966743]  internal_create_groups.part.0+0x90/0x140
[ 1826.967373]  sysfs_create_groups+0x25/0x50
[ 1826.967890]  device_add+0x7a9/0x1c50
[ 1826.968348]  ? lockdep_init_map_type+0x2c7/0x780
[ 1826.968922]  ? devlink_add_symlinks+0x970/0x970
[ 1826.969512]  netdev_register_kobject+0x17a/0x3b0
[ 1826.970098]  register_netdevice+0xd6e/0x1480
[ 1826.970640]  ? netdev_change_features+0xb0/0xb0
[ 1826.971214]  ? __tun_chr_ioctl+0x20db/0x3f60
[ 1826.971755]  __tun_chr_ioctl+0x2156/0x3f60
[ 1826.972275]  ? lock_downgrade+0x6d0/0x6d0
[ 1826.972785]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1826.973373]  ? tun_chr_poll+0x700/0x700
[ 1826.973875]  ? wait_for_completion_io+0x270/0x270
[ 1826.974473]  ? selinux_file_ioctl+0xb6/0x270
[ 1826.975014]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1826.975566]  __x64_sys_ioctl+0x19a/0x210
[ 1826.976066]  do_syscall_64+0x33/0x40
[ 1826.976521]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1826.977171] RIP: 0033:0x7fc68ced6b19
[ 1826.977639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1826.979872] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1826.980798] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1826.981677] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1826.982550] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1826.983419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1826.984287] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:10:00 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 30)

20:10:00 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_io_uring_setup(0x3c1d, &(0x7f0000000100)={0x0, 0x1d10, 0x1, 0x2, 0x277}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000200))
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002580)=[{{&(0x7f0000000240), 0x6e, &(0x7f0000000600)=[{&(0x7f0000000300)=""/122, 0x7a}, {&(0x7f0000000380)=""/213, 0xd5}, {&(0x7f0000000500)=""/246, 0xf6}], 0x3, &(0x7f0000000640)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r4=>0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xc8}}, {{&(0x7f0000000740)=@abs, 0x6e, &(0x7f0000000c00)=[{&(0x7f00000007c0)=""/233, 0xe9}, {&(0x7f00000008c0)=""/98, 0x62}, {&(0x7f0000000940)=""/24, 0x18}, {&(0x7f0000000980)=""/4, 0x4}, {&(0x7f00000009c0)=""/153, 0x99}, {&(0x7f0000000a80)=""/210, 0xd2}, {&(0x7f0000000b80)=""/90, 0x5a}], 0x7, &(0x7f0000000c80)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x58}}, {{&(0x7f0000000d00), 0x6e, &(0x7f0000001000)=[{&(0x7f0000000d80)=""/67, 0x43}, {&(0x7f0000000e00)=""/54, 0x36}, {&(0x7f0000000e40)=""/119, 0x77}, {&(0x7f0000000ec0)=""/22, 0x16}, {&(0x7f0000000f00)=""/236, 0xec}], 0x14}}, {{&(0x7f0000001080)=@abs, 0x6e, &(0x7f0000002500)=[{&(0x7f0000001100)=""/62, 0x3e}, {&(0x7f0000001140)=""/239, 0xef}, {&(0x7f0000001240)=""/93, 0x5d}, {&(0x7f00000012c0)=""/210, 0xd2}, {&(0x7f00000013c0)=""/181, 0xb5}, {&(0x7f0000001480)=""/49, 0x31}, {&(0x7f00000014c0)=""/4096, 0x1000}, {&(0x7f00000024c0)=""/12, 0xc}], 0x8}}], 0x4, 0x0, &(0x7f0000002680)={0x77359400})
syz_io_uring_submit(r3, r2, &(0x7f0000002700)=@IORING_OP_OPENAT={0x12, 0x1, 0x0, r4, 0x0, &(0x7f00000026c0)='./file0\x00', 0x158, 0xa0c2, 0x23456}, 0xbd)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r6, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r5, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1827.095354] FAULT_INJECTION: forcing a failure.
[ 1827.095354] name failslab, interval 1, probability 0, space 0, times 0
[ 1827.097033] CPU: 1 PID: 9588 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1827.102048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1827.103125] Call Trace:
[ 1827.103524]  dump_stack+0x107/0x167
[ 1827.103987]  should_fail.cold+0x5/0xa
[ 1827.104507]  ? create_object.isra.0+0x3a/0xa20
[ 1827.105064]  should_failslab+0x5/0x20
[ 1827.105622]  kmem_cache_alloc+0x5b/0x310
[ 1827.106115]  ? mark_held_locks+0x9e/0xe0
[ 1827.106662]  create_object.isra.0+0x3a/0xa20
[ 1827.107258]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1827.107876]  kmem_cache_alloc_bulk+0x168/0x320
[ 1827.108493]  io_submit_sqes+0x6fe6/0x8610
[ 1827.109015]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1827.109732]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1827.110379]  ? lock_downgrade+0x6d0/0x6d0
[ 1827.110880]  ? find_held_lock+0x2c/0x110
[ 1827.111428]  ? io_submit_sqes+0x8610/0x8610
[ 1827.111959]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1827.112607]  ? wait_for_completion_io+0x270/0x270
[ 1827.113272]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1827.113852]  ? vfs_write+0x354/0xb10
[ 1827.114358]  ? fput_many+0x2f/0x1a0
[ 1827.114802]  ? ksys_write+0x1a9/0x260
[ 1827.115316]  ? __ia32_sys_read+0xb0/0xb0
[ 1827.115811]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1827.116497]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1827.117122]  do_syscall_64+0x33/0x40
[ 1827.117669]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1827.118341] RIP: 0033:0x7fb7d3ecdb19
[ 1827.118793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1827.121104] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1827.122118] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1827.123031] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1827.123941] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1827.124862] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1827.125818] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
20:10:00 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 14)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:10:00 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 80)

20:10:00 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc07, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:10:00 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 41)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:10:00 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000002, 0x13, r0, 0x8000000)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xc, 0x13, r0, 0x10000000)
r7 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r10}}, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000140)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0x2, &(0x7f0000000100), 0x1, 0x0, 0x0, {0x0, r10}}, 0x7)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1827.295155] FAULT_INJECTION: forcing a failure.
[ 1827.295155] name failslab, interval 1, probability 0, space 0, times 0
[ 1827.297366] CPU: 1 PID: 9593 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1827.298265] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1827.299267] Call Trace:
[ 1827.299595]  dump_stack+0x107/0x167
[ 1827.300039]  should_fail.cold+0x5/0xa
[ 1827.300507]  ? __kernfs_new_node+0xd4/0x860
[ 1827.301038]  should_failslab+0x5/0x20
[ 1827.301540]  kmem_cache_alloc+0x5b/0x310
[ 1827.302084]  __kernfs_new_node+0xd4/0x860
[ 1827.302633]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1827.303264]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1827.303893]  ? wait_for_completion_io+0x270/0x270
[ 1827.304489]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1827.305133]  kernfs_new_node+0x18d/0x250
[ 1827.305691]  __kernfs_create_file+0x51/0x350
[ 1827.306274]  sysfs_add_file_mode_ns+0x221/0x560
[ 1827.306893]  internal_create_group+0x324/0xb30
[ 1827.307496]  ? sysfs_remove_group+0x170/0x170
[ 1827.308094]  ? kernfs_add_one+0x124/0x4d0
[ 1827.308645]  ? kernfs_create_link+0x1b7/0x230
[ 1827.309246]  internal_create_groups.part.0+0x90/0x140
[ 1827.309942]  sysfs_create_groups+0x25/0x50
[ 1827.310499]  device_add+0x7a9/0x1c50
[ 1827.311012]  ? lockdep_init_map_type+0x2c7/0x780
[ 1827.311636]  ? devlink_add_symlinks+0x970/0x970
[ 1827.312258]  netdev_register_kobject+0x17a/0x3b0
[ 1827.312892]  register_netdevice+0xd6e/0x1480
[ 1827.313486]  ? netdev_change_features+0xb0/0xb0
[ 1827.314099]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1827.314620]  __tun_chr_ioctl+0x2156/0x3f60
[ 1827.315170]  ? lock_downgrade+0x6d0/0x6d0
[ 1827.315696]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1827.316318]  ? tun_chr_poll+0x700/0x700
[ 1827.316844]  ? wait_for_completion_io+0x270/0x270
[ 1827.317520]  ? selinux_file_ioctl+0xb6/0x270
[ 1827.318114]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1827.318708]  __x64_sys_ioctl+0x19a/0x210
[ 1827.319254]  do_syscall_64+0x33/0x40
[ 1827.319752]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1827.320417] RIP: 0033:0x7f7955930b19
[ 1827.320912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1827.327322] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1827.328320] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1827.329234] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1827.330170] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1827.331091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1827.332014] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1827.345717] FAULT_INJECTION: forcing a failure.
[ 1827.345717] name failslab, interval 1, probability 0, space 0, times 0
[ 1827.347282] CPU: 0 PID: 9600 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1827.348126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1827.349143] Call Trace:
[ 1827.349483]  dump_stack+0x107/0x167
[ 1827.349933]  should_fail.cold+0x5/0xa
[ 1827.350417]  ? create_object.isra.0+0x3a/0xa20
[ 1827.351002]  should_failslab+0x5/0x20
[ 1827.351468]  kmem_cache_alloc+0x5b/0x310
[ 1827.351973]  create_object.isra.0+0x3a/0xa20
[ 1827.352511]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1827.353157]  kmem_cache_alloc_trace+0x151/0x320
[ 1827.353744]  pty_unix98_install+0xd0/0x980
[ 1827.354263]  ? pty_unthrottle+0x60/0x60
[ 1827.354748]  ? pty_open+0x310/0x310
[ 1827.355191]  tty_init_dev.part.0+0xa0/0x610
[ 1827.355719]  ? pty_open+0x310/0x310
[ 1827.356161]  tty_init_dev+0x5b/0x80
[ 1827.356608]  ptmx_open+0x116/0x370
[ 1827.357044]  ? pty_open+0x310/0x310
[ 1827.357522]  chrdev_open+0x268/0x6e0
[ 1827.357982]  ? __unregister_chrdev+0x110/0x110
[ 1827.358567]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1827.359143]  do_dentry_open+0x4b7/0x1090
[ 1827.359642]  ? __unregister_chrdev+0x110/0x110
[ 1827.360202]  ? may_open+0x1e4/0x400
[ 1827.360648]  path_openat+0x19ba/0x2770
[ 1827.361130]  ? path_lookupat+0x860/0x860
[ 1827.361640]  ? lock_acquire+0x197/0x470
[ 1827.362121]  ? find_held_lock+0x2c/0x110
[ 1827.362624]  do_filp_open+0x190/0x3e0
[ 1827.363085]  ? may_open_dev+0xf0/0xf0
[ 1827.363560]  ? do_raw_spin_lock+0x121/0x260
[ 1827.364085]  ? rwlock_bug.part.0+0x90/0x90
[ 1827.364606]  ? _raw_spin_unlock+0x1a/0x30
[ 1827.365112]  ? alloc_fd+0x2e7/0x670
[ 1827.365577]  do_sys_openat2+0x171/0x4d0
[ 1827.366066]  ? build_open_flags+0x6f0/0x6f0
[ 1827.366596]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1827.367194]  ? wait_for_completion_io+0x270/0x270
[ 1827.367790]  __x64_sys_openat+0x13f/0x1f0
[ 1827.368300]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1827.368816]  ? ksys_write+0x1a9/0x260
[ 1827.369290]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1827.369943]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1827.370572]  do_syscall_64+0x33/0x40
[ 1827.371026]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1827.371648] RIP: 0033:0x7f7574521b19
[ 1827.372103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1827.374348] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1827.375274] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1827.376140] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1827.377005] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1827.377888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1827.378765] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
20:10:00 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 31)

20:10:00 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2007, @fd=r0, 0x0, 0x0, 0x0, 0x9, 0x0, {0x0, r6}}, 0x80000001)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r7 = perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(r8, r7)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1827.439535] FAULT_INJECTION: forcing a failure.
[ 1827.439535] name failslab, interval 1, probability 0, space 0, times 0
[ 1827.441013] CPU: 0 PID: 9608 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1827.441854] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1827.442857] Call Trace:
[ 1827.443187]  dump_stack+0x107/0x167
[ 1827.443653]  should_fail.cold+0x5/0xa
[ 1827.444145]  ? create_object.isra.0+0x3a/0xa20
[ 1827.444711]  should_failslab+0x5/0x20
[ 1827.445184]  kmem_cache_alloc+0x5b/0x310
[ 1827.445697]  ? mark_held_locks+0x9e/0xe0
[ 1827.446199]  create_object.isra.0+0x3a/0xa20
[ 1827.446734]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1827.447357]  kmem_cache_alloc_bulk+0x168/0x320
[ 1827.447924]  io_submit_sqes+0x6fe6/0x8610
[ 1827.448455]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1827.449069]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1827.449687]  ? lock_downgrade+0x6d0/0x6d0
[ 1827.450198]  ? find_held_lock+0x2c/0x110
[ 1827.450697]  ? io_submit_sqes+0x8610/0x8610
[ 1827.451231]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1827.451821]  ? wait_for_completion_io+0x270/0x270
[ 1827.452411]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1827.452977]  ? vfs_write+0x354/0xb10
[ 1827.453439]  ? fput_many+0x2f/0x1a0
[ 1827.453890]  ? ksys_write+0x1a9/0x260
[ 1827.454374]  ? __ia32_sys_read+0xb0/0xb0
[ 1827.454893]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1827.455528]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1827.456161]  do_syscall_64+0x33/0x40
[ 1827.456613]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1827.457236] RIP: 0033:0x7fb7d3ecdb19
[ 1827.457706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1827.459942] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1827.460906] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1827.461812] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1827.462688] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1827.463559] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1827.464426] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1827.473075] FAULT_INJECTION: forcing a failure.
[ 1827.473075] name failslab, interval 1, probability 0, space 0, times 0
[ 1827.474731] CPU: 1 PID: 9606 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1827.475628] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1827.476685] Call Trace:
[ 1827.477041]  dump_stack+0x107/0x167
[ 1827.477534]  should_fail.cold+0x5/0xa
[ 1827.478043]  ? __kernfs_new_node+0xd4/0x860
[ 1827.478611]  should_failslab+0x5/0x20
[ 1827.479119]  kmem_cache_alloc+0x5b/0x310
[ 1827.479655]  __kernfs_new_node+0xd4/0x860
[ 1827.480206]  ? kernfs_activate+0x2c/0x1d0
[ 1827.480756]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1827.481383]  ? lock_release+0x680/0x680
[ 1827.481934]  ? find_held_lock+0x2c/0x110
[ 1827.482470]  kernfs_new_node+0x18d/0x250
[ 1827.483004]  __kernfs_create_file+0x51/0x350
[ 1827.483578]  sysfs_add_file_mode_ns+0x221/0x560
[ 1827.484193]  internal_create_group+0x324/0xb30
[ 1827.484798]  ? sysfs_remove_group+0x170/0x170
[ 1827.485357]  ? kernfs_add_one+0x124/0x4d0
[ 1827.485893]  ? kernfs_create_link+0x1b7/0x230
[ 1827.486462]  internal_create_groups.part.0+0x90/0x140
[ 1827.487143]  sysfs_create_groups+0x25/0x50
[ 1827.487700]  device_add+0x7a9/0x1c50
[ 1827.488202]  ? lockdep_init_map_type+0x2c7/0x780
[ 1827.488820]  ? devlink_add_symlinks+0x970/0x970
[ 1827.489408]  netdev_register_kobject+0x17a/0x3b0
[ 1827.490027]  register_netdevice+0xd6e/0x1480
[ 1827.490612]  ? netdev_change_features+0xb0/0xb0
[ 1827.491232]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1827.491810]  __tun_chr_ioctl+0x2156/0x3f60
[ 1827.492388]  ? lock_downgrade+0x6d0/0x6d0
[ 1827.492942]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1827.493591]  ? tun_chr_poll+0x700/0x700
[ 1827.494124]  ? wait_for_completion_io+0x270/0x270
[ 1827.494764]  ? selinux_file_ioctl+0xb6/0x270
[ 1827.495343]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1827.495921]  __x64_sys_ioctl+0x19a/0x210
[ 1827.496455]  do_syscall_64+0x33/0x40
[ 1827.496941]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1827.497630] RIP: 0033:0x7fc68ced6b19
[ 1827.498119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1827.500494] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1827.501504] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1827.502392] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1827.503290] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1827.504221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1827.505188] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:10:00 executing program 1:
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:10:00 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:10:00 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 15)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1827.574700] FAULT_INJECTION: forcing a failure.
[ 1827.574700] name failslab, interval 1, probability 0, space 0, times 0
[ 1827.576497] CPU: 1 PID: 9620 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1827.577390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1827.578463] Call Trace:
[ 1827.578804]  dump_stack+0x107/0x167
[ 1827.579258]  should_fail.cold+0x5/0xa
[ 1827.579737]  ? pty_unix98_install+0xfe/0x980
[ 1827.580305]  should_failslab+0x5/0x20
[ 1827.580793]  kmem_cache_alloc_trace+0x55/0x320
[ 1827.581362]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1827.582020]  pty_unix98_install+0xfe/0x980
[ 1827.582558]  ? pty_unthrottle+0x60/0x60
[ 1827.583060]  ? pty_open+0x310/0x310
[ 1827.583516]  tty_init_dev.part.0+0xa0/0x610
[ 1827.584056]  ? pty_open+0x310/0x310
[ 1827.584514]  tty_init_dev+0x5b/0x80
[ 1827.584967]  ptmx_open+0x116/0x370
[ 1827.585414]  ? pty_open+0x310/0x310
[ 1827.585892]  chrdev_open+0x268/0x6e0
[ 1827.586369]  ? __unregister_chrdev+0x110/0x110
[ 1827.586968]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1827.587588]  do_dentry_open+0x4b7/0x1090
[ 1827.588130]  ? __unregister_chrdev+0x110/0x110
[ 1827.588733]  ? may_open+0x1e4/0x400
[ 1827.589226]  path_openat+0x19ba/0x2770
[ 1827.589775]  ? path_lookupat+0x860/0x860
[ 1827.590318]  ? lock_acquire+0x197/0x470
[ 1827.590844]  ? find_held_lock+0x2c/0x110
[ 1827.591396]  do_filp_open+0x190/0x3e0
[ 1827.591900]  ? may_open_dev+0xf0/0xf0
[ 1827.592419]  ? do_raw_spin_lock+0x121/0x260
[ 1827.592993]  ? rwlock_bug.part.0+0x90/0x90
[ 1827.593581]  ? _raw_spin_unlock+0x1a/0x30
[ 1827.594131]  ? alloc_fd+0x2e7/0x670
[ 1827.594627]  do_sys_openat2+0x171/0x4d0
[ 1827.595161]  ? build_open_flags+0x6f0/0x6f0
[ 1827.595736]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1827.596380]  ? wait_for_completion_io+0x270/0x270
[ 1827.597026]  __x64_sys_openat+0x13f/0x1f0
[ 1827.597590]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1827.598147]  ? ksys_write+0x1a9/0x260
[ 1827.598660]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1827.599354]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1827.600038]  do_syscall_64+0x33/0x40
[ 1827.600533]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1827.601207] RIP: 0033:0x7f7574521b19
[ 1827.601727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1827.604131] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1827.605082] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1827.606012] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1827.606899] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1827.607785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1827.608698] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
20:10:01 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 32)

[ 1827.650807] FAULT_INJECTION: forcing a failure.
[ 1827.650807] name failslab, interval 1, probability 0, space 0, times 0
[ 1827.652536] CPU: 0 PID: 9624 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1827.653515] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1827.654527] Call Trace:
[ 1827.654859]  dump_stack+0x107/0x167
[ 1827.655311]  should_fail.cold+0x5/0xa
[ 1827.655787]  ? memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1827.656432]  should_failslab+0x5/0x20
[ 1827.656898]  __kmalloc_node+0x76/0x420
[ 1827.657389]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1827.658024]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 1827.658646]  kmem_cache_alloc_bulk+0x182/0x320
[ 1827.659214]  io_submit_sqes+0x6fe6/0x8610
[ 1827.659738]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1827.660348]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1827.660942]  ? io_submit_sqes+0x8610/0x8610
[ 1827.661485]  ? recalibrate_cpu_khz+0x10/0x10
[ 1827.662023]  ? ktime_get+0x158/0x1f0
[ 1827.662482]  ? setup_APIC_eilvt+0x2f0/0x2f0
[ 1827.663008]  ? clockevents_program_event+0x131/0x360
[ 1827.663631]  ? tick_program_event+0xa8/0x140
[ 1827.664170]  ? hrtimer_interrupt+0x771/0x9b0
[ 1827.664717]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1827.665364]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1827.666010]  do_syscall_64+0x33/0x40
[ 1827.666473]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1827.667124] RIP: 0033:0x7fb7d3ecdb19
[ 1827.667583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1827.669838] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1827.670767] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1827.671636] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1827.672508] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1827.673377] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1827.674265] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
20:10:01 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc0a, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:10:01 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x1f, 0x3f, 0x1, 0xff, 0x0, 0x9, 0x1040, 0x8, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x9, 0x8}, 0x8801, 0x3f, 0x0, 0x8, 0x0, 0x8001, 0x20, 0x0, 0x15c981c1, 0x0, 0x8}, 0x0, 0xc, 0xffffffffffffffff, 0x8)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
pipe2(&(0x7f0000000100)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80000)
perf_event_open(&(0x7f0000000300)={0x4, 0x80, 0x1f, 0x81, 0x20, 0x0, 0x0, 0x8, 0x4000, 0x5, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000240), 0x8}, 0x440, 0x4, 0x4, 0x9, 0x400, 0x1ff3, 0xc22, 0x0, 0x9, 0x0, 0x7}, 0x0, 0x7, 0xffffffffffffffff, 0x0)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000140)='tunl0\x00', 0x10)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:10:01 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 33)

[ 1827.843345] FAULT_INJECTION: forcing a failure.
[ 1827.843345] name failslab, interval 1, probability 0, space 0, times 0
[ 1827.845139] CPU: 1 PID: 9632 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1827.846061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1827.847128] Call Trace:
[ 1827.847480]  dump_stack+0x107/0x167
[ 1827.847970]  should_fail.cold+0x5/0xa
[ 1827.848477]  ? create_object.isra.0+0x3a/0xa20
[ 1827.849076]  should_failslab+0x5/0x20
[ 1827.849588]  kmem_cache_alloc+0x5b/0x310
[ 1827.850123]  ? find_held_lock+0x2c/0x110
[ 1827.850663]  create_object.isra.0+0x3a/0xa20
[ 1827.851240]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1827.851910]  __kmalloc_node+0x1ae/0x420
[ 1827.852438]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1827.853105]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 1827.853783]  kmem_cache_alloc_bulk+0x182/0x320
[ 1827.854386]  io_submit_sqes+0x6fe6/0x8610
[ 1827.854925]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1827.855551]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1827.856186]  ? lock_downgrade+0x6d0/0x6d0
[ 1827.856728]  ? find_held_lock+0x2c/0x110
[ 1827.857264]  ? io_submit_sqes+0x8610/0x8610
[ 1827.857856]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1827.858489]  ? wait_for_completion_io+0x270/0x270
[ 1827.859124]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1827.859719]  ? vfs_write+0x354/0xb10
[ 1827.860204]  ? fput_many+0x2f/0x1a0
[ 1827.860687]  ? ksys_write+0x1a9/0x260
[ 1827.861183]  ? __ia32_sys_read+0xb0/0xb0
[ 1827.861740]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1827.862426]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1827.863103]  do_syscall_64+0x33/0x40
[ 1827.863594]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1827.864269] RIP: 0033:0x7fb7d3ecdb19
[ 1827.864759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1827.867136] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1827.868118] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1827.869039] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1827.869981] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1827.870906] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1827.871822] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
20:10:16 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x2)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:10:16 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 81)

20:10:16 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc0a, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1842.896235] FAULT_INJECTION: forcing a failure.
[ 1842.896235] name failslab, interval 1, probability 0, space 0, times 0
20:10:16 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 34)

20:10:16 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 16)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1842.897679] CPU: 0 PID: 9643 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1842.898573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1842.899731] Call Trace:
[ 1842.900109]  dump_stack+0x107/0x167
[ 1842.900627]  should_fail.cold+0x5/0xa
[ 1842.901162]  ? create_object.isra.0+0x3a/0xa20
[ 1842.901809]  should_failslab+0x5/0x20
[ 1842.902340]  kmem_cache_alloc+0x5b/0x310
[ 1842.902837]  create_object.isra.0+0x3a/0xa20
[ 1842.903373]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1842.903988]  kmem_cache_alloc+0x159/0x310
[ 1842.904498]  __kernfs_new_node+0xd4/0x860
[ 1842.905007]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1842.905585] FAULT_INJECTION: forcing a failure.
[ 1842.905585] name failslab, interval 1, probability 0, space 0, times 0
[ 1842.906937]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1842.907601]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1842.908193]  ? wait_for_completion_io+0x270/0x270
[ 1842.908787]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1842.909430]  kernfs_new_node+0x18d/0x250
[ 1842.909924]  __kernfs_create_file+0x51/0x350
[ 1842.910529]  sysfs_add_file_mode_ns+0x221/0x560
[ 1842.911183]  internal_create_group+0x324/0xb30
[ 1842.911816]  ? sysfs_remove_group+0x170/0x170
[ 1842.912439]  ? kernfs_add_one+0x124/0x4d0
[ 1842.913013]  ? kernfs_create_link+0x1b7/0x230
[ 1842.913639]  internal_create_groups.part.0+0x90/0x140
[ 1842.914361]  sysfs_create_groups+0x25/0x50
[ 1842.914945]  device_add+0x7a9/0x1c50
[ 1842.915471]  ? lockdep_init_map_type+0x2c7/0x780
[ 1842.916130]  ? devlink_add_symlinks+0x970/0x970
[ 1842.916787]  netdev_register_kobject+0x17a/0x3b0
[ 1842.918160]  register_netdevice+0xd6e/0x1480
[ 1842.918799]  ? netdev_change_features+0xb0/0xb0
[ 1842.920145]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1842.920770]  __tun_chr_ioctl+0x2156/0x3f60
[ 1842.922000]  ? lock_downgrade+0x6d0/0x6d0
[ 1842.922609]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1842.924003]  ? tun_chr_poll+0x700/0x700
[ 1842.924581]  ? wait_for_completion_io+0x270/0x270
[ 1842.925987]  ? selinux_file_ioctl+0xb6/0x270
[ 1842.926631]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1842.927923]  __x64_sys_ioctl+0x19a/0x210
[ 1842.928512]  do_syscall_64+0x33/0x40
[ 1842.929583]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1842.930332] RIP: 0033:0x7f7955930b19
[ 1842.931436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1842.934156] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1842.935232] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1842.936246] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1842.937252] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1842.938267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1842.939280] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1842.940322] CPU: 1 PID: 9650 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1842.940848] FAULT_INJECTION: forcing a failure.
[ 1842.940848] name failslab, interval 1, probability 0, space 0, times 0
[ 1842.941351] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1842.941356] Call Trace:
[ 1842.941380]  dump_stack+0x107/0x167
[ 1842.941394]  should_fail.cold+0x5/0xa
[ 1842.941413]  ? create_object.isra.0+0x3a/0xa20
[ 1842.941430]  should_failslab+0x5/0x20
[ 1842.941445]  kmem_cache_alloc+0x5b/0x310
[ 1842.941459]  ? mark_held_locks+0x9e/0xe0
[ 1842.941473]  create_object.isra.0+0x3a/0xa20
[ 1842.941494]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1842.956717]  kmem_cache_alloc_bulk+0x168/0x320
[ 1842.958042]  io_submit_sqes+0x6fe6/0x8610
[ 1842.959244]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1842.960660]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1842.962039]  ? lock_downgrade+0x6d0/0x6d0
[ 1842.963214]  ? find_held_lock+0x2c/0x110
[ 1842.964369]  ? io_submit_sqes+0x8610/0x8610
[ 1842.965617]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1842.967002]  ? wait_for_completion_io+0x270/0x270
[ 1842.968379]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1842.969698]  ? vfs_write+0x354/0xb10
[ 1842.970769]  ? fput_many+0x2f/0x1a0
[ 1842.971799]  ? ksys_write+0x1a9/0x260
[ 1842.972929]  ? __ia32_sys_read+0xb0/0xb0
[ 1842.974128]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1842.975620]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1842.977091]  do_syscall_64+0x33/0x40
[ 1842.978153]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1842.979621] RIP: 0033:0x7fb7d3ecdb19
[ 1842.980672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1842.985993] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1842.988165] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1842.990235] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1842.992276] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1842.994332] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1842.996368] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1842.998437] CPU: 0 PID: 9649 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1842.999413] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1843.000577] Call Trace:
[ 1843.000941]  dump_stack+0x107/0x167
[ 1843.001450]  should_fail.cold+0x5/0xa
[ 1843.001987]  ? create_object.isra.0+0x3a/0xa20
[ 1843.002629]  should_failslab+0x5/0x20
[ 1843.003173]  kmem_cache_alloc+0x5b/0x310
[ 1843.003737]  ? mark_held_locks+0x9e/0xe0
[ 1843.004300]  create_object.isra.0+0x3a/0xa20
[ 1843.004926]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1843.005640]  kmem_cache_alloc_trace+0x151/0x320
[ 1843.006298]  pty_unix98_install+0xfe/0x980
[ 1843.007554]  ? pty_unthrottle+0x60/0x60
[ 1843.008150]  ? pty_open+0x310/0x310
[ 1843.009244]  tty_init_dev.part.0+0xa0/0x610
[ 1843.009859]  ? pty_open+0x310/0x310
[ 1843.010933]  tty_init_dev+0x5b/0x80
[ 1843.011971]  ptmx_open+0x116/0x370
[ 1843.013009]  ? pty_open+0x310/0x310
[ 1843.014061]  chrdev_open+0x268/0x6e0
[ 1843.015146]  ? __unregister_chrdev+0x110/0x110
[ 1843.016459]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1843.017829]  do_dentry_open+0x4b7/0x1090
[ 1843.019003]  ? __unregister_chrdev+0x110/0x110
[ 1843.020331]  ? may_open+0x1e4/0x400
[ 1843.021368]  path_openat+0x19ba/0x2770
[ 1843.022496]  ? path_lookupat+0x860/0x860
[ 1843.023662]  ? lock_acquire+0x197/0x470
[ 1843.024821]  ? find_held_lock+0x2c/0x110
[ 1843.025994]  do_filp_open+0x190/0x3e0
[ 1843.027083]  ? may_open_dev+0xf0/0xf0
[ 1843.028178]  ? do_raw_spin_lock+0x121/0x260
[ 1843.029435]  ? rwlock_bug.part.0+0x90/0x90
[ 1843.030662]  ? _raw_spin_unlock+0x1a/0x30
[ 1843.031851]  ? alloc_fd+0x2e7/0x670
[ 1843.032896]  do_sys_openat2+0x171/0x4d0
[ 1843.034067]  ? build_open_flags+0x6f0/0x6f0
[ 1843.035297]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1843.036697]  ? wait_for_completion_io+0x270/0x270
[ 1843.038089]  __x64_sys_openat+0x13f/0x1f0
[ 1843.039292]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1843.040496]  ? ksys_write+0x1a9/0x260
[ 1843.041607]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1843.043118]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1843.044619]  do_syscall_64+0x33/0x40
[ 1843.045678]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1843.047178] RIP: 0033:0x7f7574521b19
[ 1843.048239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1843.053670] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1843.055870] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1843.057919] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1843.059986] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1843.062043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1843.064115] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1843.088754] FAULT_INJECTION: forcing a failure.
[ 1843.088754] name failslab, interval 1, probability 0, space 0, times 0
[ 1843.090628] CPU: 1 PID: 9660 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1843.091611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1843.092782] Call Trace:
[ 1843.093186]  dump_stack+0x107/0x167
[ 1843.094294]  should_fail.cold+0x5/0xa
[ 1843.094852]  ? __kernfs_new_node+0xd4/0x860
[ 1843.096104]  should_failslab+0x5/0x20
[ 1843.097188]  kmem_cache_alloc+0x5b/0x310
[ 1843.098357]  __kernfs_new_node+0xd4/0x860
[ 1843.099540]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1843.100907]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1843.102297]  ? wait_for_completion_io+0x270/0x270
[ 1843.103680]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1843.105185]  kernfs_new_node+0x18d/0x250
[ 1843.106358]  __kernfs_create_file+0x51/0x350
[ 1843.107616]  sysfs_add_file_mode_ns+0x221/0x560
[ 1843.108946]  internal_create_group+0x324/0xb30
[ 1843.110264]  ? sysfs_remove_group+0x170/0x170
[ 1843.111545]  ? kernfs_add_one+0x124/0x4d0
[ 1843.112726]  ? kernfs_create_link+0x1b7/0x230
20:10:16 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:10:16 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 42)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:10:16 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:10:16 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x3)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1843.118121]  internal_create_groups.part.0+0x90/0x140
[ 1843.118851]  sysfs_create_groups+0x25/0x50
[ 1843.119446]  device_add+0x7a9/0x1c50
[ 1843.119973]  ? lockdep_init_map_type+0x2c7/0x780
[ 1843.120629]  ? devlink_add_symlinks+0x970/0x970
[ 1843.121285]  netdev_register_kobject+0x17a/0x3b0
[ 1843.122683]  register_netdevice+0xd6e/0x1480
[ 1843.123318]  ? netdev_change_features+0xb0/0xb0
[ 1843.124647]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1843.125279]  __tun_chr_ioctl+0x2156/0x3f60
[ 1843.126500]  ? lock_downgrade+0x6d0/0x6d0
[ 1843.127096]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1843.128468]  ? tun_chr_poll+0x700/0x700
[ 1843.129037]  ? wait_for_completion_io+0x270/0x270
[ 1843.130439]  ? selinux_file_ioctl+0xb6/0x270
[ 1843.131074]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1843.132364]  __x64_sys_ioctl+0x19a/0x210
[ 1843.132947]  do_syscall_64+0x33/0x40
[ 1843.134015]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1843.134747] RIP: 0033:0x7fc68ced6b19
[ 1843.135813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1843.138648] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1843.140831] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1843.141833] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1843.142863] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1843.143882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1843.145619] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:10:16 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$nl_generic(r3, &(0x7f00000001c0)={&(0x7f0000000100), 0xc, &(0x7f0000000140)={&(0x7f0000000500)={0x218, 0x3e, 0x400, 0x70bd2d, 0x25dfdbff, {0x1d}, [@typed={0x88, 0x2e, 0x0, 0x0, @binary="84f86efbb8dca7332d6e2312ca706a6c6c1f8c9ff8743c9b86116e63d9cd649df3f548cb06432416328bd1a8a0d62205161be9ca63d3b1401fe5a08f48e0837b580b9a6c568f2e81639f1fea303aa956a7b0cca1944ecef8d1d7abdbe0920dba54d5aac5025ee8392d92ef0612d117c7464ea382d9d9443fe8655402494cd47bad4865bc"}, @typed={0x9, 0x81, 0x0, 0x0, @str='(/,]\x00'}, @typed={0x8, 0x1d, 0x0, 0x0, @pid=0xffffffffffffffff}, @generic="789d304027bf1255fc4e2efe9fbb3004c40e1afe1f4aeded4207af9a353a8d7b035f950b5d573f823a39fef2a2c1d3bac0a098001663a2c240956bd7c054a3a37c39e074e8b3865405999d5a33ebd778b91c7c4d31e60a1b1704d5c030ff79e2b777d69bbb179afa4c0d6cbf81501893b3476467b529791b0b9a50648520f7c6d862395ad4e4f14ae09ba61652f78461f23d4a8d83edb7ef9a5374a2d03cd19504560fe98cb7ff052298253d655db1726eb26d9d4147377ac25a13ee15f5ecd5531b2fbd4b2d1c03324763093f7e47a96d", @generic="ef5b7156947ad8bffa29b89392ec77339847d7d7fa320b873dab5017353fe277468be7f897ff73f3c5bf6a14276ebc190931102c7d7d83820459c31ef227a0090be19c3c4fc6cc7184d915e6122691f3d6105679cf3110f9d0ca89e1dfeafc13d81007ef5a8a3fe96c80e62f36b2bc86342bd50814e4f3814eeb7947d47db20af13162badd8b8116ad8767d34a89b923ca3a7597daaec9", @generic]}, 0x218}, 0x1, 0x0, 0x0, 0x10}, 0x800)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:10:16 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:10:16 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 82)

20:10:16 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 17)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:10:16 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x4)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:10:16 executing program 1:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x8}, &(0x7f0000ff4000/0xa000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r4=>r0, @ANYBLOB="01040000000000010000800000000000d1fddcce52889aaaa68e3f190551ae5253cb5201599c2ed31940693e8b6015e42d1ee77c26137628a74e03516d30a033fec9ff62cf643e8fd4d2c9e7357f3e27b25066e800f8c06214649d7bc3bf3ab6e6e098d6dfeae4ebc97567a0ccbd17cfde49af72c62aaa4bb9af1a860ec9ba6641d625d57d0efae7c39e5273585ee9c431b9c70d9d81e5f7e9ae8319c91205141912ae91901ed74a13aa019f178d11d3cfe4d28af7aeebb335"])
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff6000/0x3000)=nil, 0x3000, 0x2, 0x10010, r1, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f0000000140)=@IORING_OP_WRITE={0x17, 0x0, 0x4007, @fd_index=0x9, 0x6, &(0x7f00000001c0)="c8fd609b4f091044e14344c3d22687339d623110065d0e2ae911cb7315d6403fdc7001e6f64fda5633dc78ba1411fd2e5e984c79afcfed489857eb242581b54df9e3b2b3e6bfb2cb32ee432551879abdf2e505bed9c904875f090b8920d1dd8b2be26587d86db728b89e8948ff8824352e169bb87f17e7ef886b183396a6e19c1d284b56cbd9e29f51fb7594c6b95e6747b149f67c210a9f2e46f6f0fa7e26c62daaeb73a2fe7c10ff9619de076c8aadab2514d43f94a79ace7ddc4e8695e29909", 0xc1, 0x3}, 0x48c1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x200000c, 0x40010, r4, 0x8000000)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r7, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r6, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1843.368495] FAULT_INJECTION: forcing a failure.
[ 1843.368495] name failslab, interval 1, probability 0, space 0, times 0
[ 1843.372055] CPU: 1 PID: 9677 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1843.374076] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1843.376479] Call Trace:
[ 1843.377232]  dump_stack+0x107/0x167
[ 1843.378279]  should_fail.cold+0x5/0xa
[ 1843.379370]  ? alloc_tty_struct+0x95/0x8e0
[ 1843.380575]  should_failslab+0x5/0x20
[ 1843.381664]  kmem_cache_alloc_trace+0x55/0x320
[ 1843.382978]  alloc_tty_struct+0x95/0x8e0
[ 1843.384140]  ? __do_SAK+0x30/0x30
[ 1843.385127]  ? kasan_unpoison_shadow+0x33/0x50
[ 1843.386453]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1843.387901]  pty_unix98_install+0x1ab/0x980
[ 1843.389138]  ? pty_unthrottle+0x60/0x60
[ 1843.390285]  ? pty_open+0x310/0x310
[ 1843.391323]  tty_init_dev.part.0+0xa0/0x610
[ 1843.392551]  ? pty_open+0x310/0x310
[ 1843.393588]  tty_init_dev+0x5b/0x80
[ 1843.394643]  ptmx_open+0x116/0x370
[ 1843.395660]  ? pty_open+0x310/0x310
[ 1843.396695]  chrdev_open+0x268/0x6e0
[ 1843.397763]  ? __unregister_chrdev+0x110/0x110
[ 1843.399078]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1843.400426]  do_dentry_open+0x4b7/0x1090
[ 1843.401577]  ? __unregister_chrdev+0x110/0x110
[ 1843.402895]  ? may_open+0x1e4/0x400
[ 1843.403930]  path_openat+0x19ba/0x2770
[ 1843.405057]  ? path_lookupat+0x860/0x860
[ 1843.406260]  ? lock_acquire+0x197/0x470
[ 1843.407389]  ? find_held_lock+0x2c/0x110
[ 1843.408546]  do_filp_open+0x190/0x3e0
[ 1843.409633]  ? may_open_dev+0xf0/0xf0
[ 1843.410745]  ? do_raw_spin_lock+0x121/0x260
[ 1843.411977]  ? rwlock_bug.part.0+0x90/0x90
[ 1843.413185]  ? _raw_spin_unlock+0x1a/0x30
[ 1843.414397]  ? alloc_fd+0x2e7/0x670
[ 1843.415436]  do_sys_openat2+0x171/0x4d0
[ 1843.416580]  ? build_open_flags+0x6f0/0x6f0
[ 1843.417801]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1843.419199]  ? wait_for_completion_io+0x270/0x270
[ 1843.420581]  __x64_sys_openat+0x13f/0x1f0
[ 1843.421764]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1843.422972]  ? ksys_write+0x1a9/0x260
[ 1843.424066]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1843.425560]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1843.427050]  do_syscall_64+0x33/0x40
[ 1843.428116]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1843.429644] RIP: 0033:0x7f7574521b19
[ 1843.430799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1843.436179] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1843.438375] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1843.440463] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1843.442542] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1843.444645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1843.446733] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
20:10:16 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 43)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1843.503799] FAULT_INJECTION: forcing a failure.
[ 1843.503799] name failslab, interval 1, probability 0, space 0, times 0
[ 1843.507233] CPU: 1 PID: 9679 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1843.509191] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1843.511617] Call Trace:
[ 1843.512366]  dump_stack+0x107/0x167
[ 1843.513406]  should_fail.cold+0x5/0xa
[ 1843.514514]  ? __kernfs_new_node+0xd4/0x860
[ 1843.515749]  should_failslab+0x5/0x20
[ 1843.516833]  kmem_cache_alloc+0x5b/0x310
[ 1843.518012]  __kernfs_new_node+0xd4/0x860
[ 1843.519208]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1843.520577]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1843.521947]  ? wait_for_completion_io+0x270/0x270
[ 1843.523348]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1843.524851]  kernfs_new_node+0x18d/0x250
[ 1843.526035]  __kernfs_create_file+0x51/0x350
[ 1843.527354]  sysfs_add_file_mode_ns+0x221/0x560
[ 1843.528697]  internal_create_group+0x324/0xb30
[ 1843.530015]  ? sysfs_remove_group+0x170/0x170
[ 1843.531314]  ? kernfs_add_one+0x124/0x4d0
[ 1843.532497]  ? kernfs_create_link+0x1b7/0x230
[ 1843.533796]  internal_create_groups.part.0+0x90/0x140
[ 1843.535286]  sysfs_create_groups+0x25/0x50
[ 1843.536501]  device_add+0x7a9/0x1c50
[ 1843.550384]  ? lockdep_init_map_type+0x2c7/0x780
[ 1843.550965]  ? devlink_add_symlinks+0x970/0x970
[ 1843.551543]  netdev_register_kobject+0x17a/0x3b0
[ 1843.552125]  register_netdevice+0xd6e/0x1480
[ 1843.552671]  ? netdev_change_features+0xb0/0xb0
[ 1843.553240]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1843.553774]  __tun_chr_ioctl+0x2156/0x3f60
[ 1843.554362]  ? lock_downgrade+0x6d0/0x6d0
[ 1843.554870]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1843.555458]  ? tun_chr_poll+0x700/0x700
[ 1843.555949]  ? wait_for_completion_io+0x270/0x270
[ 1843.556544]  ? selinux_file_ioctl+0xb6/0x270
[ 1843.557373]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1843.557926]  __x64_sys_ioctl+0x19a/0x210
[ 1843.558786]  do_syscall_64+0x33/0x40
[ 1843.559835]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1843.560669] RIP: 0033:0x7f7955930b19
[ 1843.561128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1843.566354] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1843.567299] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1843.568167] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1843.570217] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1843.572237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1843.574269] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1843.744595] FAULT_INJECTION: forcing a failure.
[ 1843.744595] name failslab, interval 1, probability 0, space 0, times 0
[ 1843.747998] CPU: 1 PID: 9685 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1843.749931] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1843.752317] Call Trace:
[ 1843.753057]  dump_stack+0x107/0x167
[ 1843.758144]  should_fail.cold+0x5/0xa
[ 1843.759214]  ? create_object.isra.0+0x3a/0xa20
[ 1843.760497]  should_failslab+0x5/0x20
[ 1843.761565]  kmem_cache_alloc+0x5b/0x310
[ 1843.762134]  create_object.isra.0+0x3a/0xa20
[ 1843.762733]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1843.763428]  kmem_cache_alloc+0x159/0x310
[ 1843.763998]  __kernfs_new_node+0xd4/0x860
[ 1843.764568]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1843.765218]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1843.765876]  ? wait_for_completion_io+0x270/0x270
[ 1843.766541]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1843.767258]  kernfs_new_node+0x18d/0x250
[ 1843.767814]  __kernfs_create_file+0x51/0x350
[ 1843.768417]  sysfs_add_file_mode_ns+0x221/0x560
[ 1843.769703]  internal_create_group+0x324/0xb30
[ 1843.770367]  ? sysfs_remove_group+0x170/0x170
[ 1843.771636]  ? kernfs_add_one+0x124/0x4d0
[ 1843.772225]  ? kernfs_create_link+0x1b7/0x230
[ 1843.773536]  internal_create_groups.part.0+0x90/0x140
[ 1843.774288]  sysfs_create_groups+0x25/0x50
[ 1843.775488]  device_add+0x7a9/0x1c50
[ 1843.776018]  ? lockdep_init_map_type+0x2c7/0x780
[ 1843.777361]  ? devlink_add_symlinks+0x970/0x970
[ 1843.778029]  netdev_register_kobject+0x17a/0x3b0
[ 1843.779381]  register_netdevice+0xd6e/0x1480
[ 1843.780006]  ? netdev_change_features+0xb0/0xb0
[ 1843.781325]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1843.781938]  __tun_chr_ioctl+0x2156/0x3f60
[ 1843.783147]  ? lock_downgrade+0x6d0/0x6d0
[ 1843.783738]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1843.785105]  ? tun_chr_poll+0x700/0x700
[ 1843.785669]  ? wait_for_completion_io+0x270/0x270
[ 1843.787058]  ? selinux_file_ioctl+0xb6/0x270
[ 1843.787683]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1843.788953]  __x64_sys_ioctl+0x19a/0x210
[ 1843.789532]  do_syscall_64+0x33/0x40
[ 1843.790610]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1843.791334] RIP: 0033:0x7fc68ced6b19
[ 1843.792386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1843.794919] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1843.797084] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1843.798084] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1843.800115] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1843.802186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1843.804212] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:10:30 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x5)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1857.165850] FAULT_INJECTION: forcing a failure.
[ 1857.165850] name failslab, interval 1, probability 0, space 0, times 0
[ 1857.167352] FAULT_INJECTION: forcing a failure.
[ 1857.167352] name failslab, interval 1, probability 0, space 0, times 0
[ 1857.171384] CPU: 0 PID: 9701 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1857.173430] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1857.174440] Call Trace:
[ 1857.174785]  dump_stack+0x107/0x167
[ 1857.175232]  should_fail.cold+0x5/0xa
[ 1857.175698]  ? create_object.isra.0+0x3a/0xa20
[ 1857.176256]  should_failslab+0x5/0x20
[ 1857.176718]  kmem_cache_alloc+0x5b/0x310
[ 1857.177213]  ? lock_release+0x680/0x680
[ 1857.177697]  create_object.isra.0+0x3a/0xa20
[ 1857.178231]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1857.178869]  kmem_cache_alloc_trace+0x151/0x320
[ 1857.179439]  alloc_tty_struct+0x95/0x8e0
[ 1857.179931]  ? __do_SAK+0x30/0x30
[ 1857.180357]  ? kasan_unpoison_shadow+0x33/0x50
[ 1857.180918]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1857.181542]  pty_unix98_install+0x1ab/0x980
[ 1857.182068]  ? pty_unthrottle+0x60/0x60
[ 1857.182569]  ? pty_open+0x310/0x310
[ 1857.183017]  tty_init_dev.part.0+0xa0/0x610
[ 1857.183544]  ? pty_open+0x310/0x310
[ 1857.183982]  tty_init_dev+0x5b/0x80
[ 1857.184426]  ptmx_open+0x116/0x370
[ 1857.184860]  ? pty_open+0x310/0x310
[ 1857.185304]  chrdev_open+0x268/0x6e0
[ 1857.185756]  ? __unregister_chrdev+0x110/0x110
[ 1857.186316]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1857.187334]  do_dentry_open+0x4b7/0x1090
[ 1857.188312]  ? __unregister_chrdev+0x110/0x110
[ 1857.189411]  ? may_open+0x1e4/0x400
[ 1857.190279]  path_openat+0x19ba/0x2770
[ 1857.191392]  ? path_lookupat+0x860/0x860
[ 1857.192346]  ? lock_acquire+0x197/0x470
[ 1857.193274]  ? find_held_lock+0x2c/0x110
[ 1857.194231]  do_filp_open+0x190/0x3e0
[ 1857.194837]  ? may_open_dev+0xf0/0xf0
[ 1857.195334]  ? do_raw_spin_lock+0x121/0x260
[ 1857.195896]  ? rwlock_bug.part.0+0x90/0x90
[ 1857.196446]  ? _raw_spin_unlock+0x1a/0x30
[ 1857.196971]  ? alloc_fd+0x2e7/0x670
[ 1857.197423]  do_sys_openat2+0x171/0x4d0
[ 1857.197910]  ? build_open_flags+0x6f0/0x6f0
[ 1857.198438]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1857.203108]  ? wait_for_completion_io+0x270/0x270
[ 1857.203696]  __x64_sys_openat+0x13f/0x1f0
[ 1857.204198]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1857.204707]  ? ksys_write+0x1a9/0x260
[ 1857.205174]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1857.205807]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1857.206431]  do_syscall_64+0x33/0x40
[ 1857.206897]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1857.207516] RIP: 0033:0x7f7574521b19
[ 1857.207968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1857.210184] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1857.211136] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1857.212002] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1857.212866] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1857.213731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1857.214609] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1857.215505] CPU: 1 PID: 9711 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1857.216341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1857.217342] Call Trace:
[ 1857.217674]  dump_stack+0x107/0x167
[ 1857.218117]  should_fail.cold+0x5/0xa
[ 1857.218600]  ? __kernfs_new_node+0xd4/0x860
[ 1857.219125]  should_failslab+0x5/0x20
[ 1857.219586]  kmem_cache_alloc+0x5b/0x310
[ 1857.220084]  __kernfs_new_node+0xd4/0x860
[ 1857.220591]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1857.221174]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1857.221762]  ? wait_for_completion_io+0x270/0x270
[ 1857.222348]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1857.231005]  kernfs_new_node+0x18d/0x250
[ 1857.231501]  __kernfs_create_file+0x51/0x350
[ 1857.232034]  sysfs_add_file_mode_ns+0x221/0x560
[ 1857.232601]  internal_create_group+0x324/0xb30
[ 1857.233157]  ? sysfs_remove_group+0x170/0x170
[ 1857.233699]  ? kernfs_add_one+0x124/0x4d0
[ 1857.234202]  ? kernfs_create_link+0x1b7/0x230
[ 1857.234761]  internal_create_groups.part.0+0x90/0x140
[ 1857.235386]  sysfs_create_groups+0x25/0x50
[ 1857.235899]  device_add+0x7a9/0x1c50
[ 1857.236353]  ? lockdep_init_map_type+0x2c7/0x780
[ 1857.236930]  ? devlink_add_symlinks+0x970/0x970
[ 1857.237500]  netdev_register_kobject+0x17a/0x3b0
[ 1857.238077]  register_netdevice+0xd6e/0x1480
[ 1857.238625]  ? netdev_change_features+0xb0/0xb0
[ 1857.239191]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1857.239722]  __tun_chr_ioctl+0x2156/0x3f60
[ 1857.240235]  ? lock_downgrade+0x6d0/0x6d0
[ 1857.240738]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1857.241321]  ? tun_chr_poll+0x700/0x700
[ 1857.241803]  ? wait_for_completion_io+0x270/0x270
[ 1857.242394]  ? selinux_file_ioctl+0xb6/0x270
[ 1857.242945]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1857.243489]  __x64_sys_ioctl+0x19a/0x210
[ 1857.243981]  do_syscall_64+0x33/0x40
[ 1857.244432]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1857.245051] RIP: 0033:0x7f7955930b19
[ 1857.245504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1857.247768] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1857.248686] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1857.249546] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1857.250405] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1857.251280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1857.252141] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:10:30 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 35)

20:10:30 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 44)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:10:30 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 18)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:10:30 executing program 1:
r0 = openat$incfs(0xffffffffffffffff, &(0x7f0000000100)='.log\x00', 0x10800, 0x28)
r1 = fork()
r2 = gettid()
kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000001c0)=<r3=>0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000003a00)=ANY=[@ANYBLOB="7472616e733d66641a43666408000000e4", @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',msize=0x0000000000800003,\x00'])
r6 = pidfd_getfd(r5, r0, 0x0)
execveat(r6, &(0x7f0000000300)='./file0\x00', &(0x7f0000000400)=[&(0x7f0000000340)='\'\x00'], &(0x7f00000038c0)=[&(0x7f0000000440)='msize', &(0x7f0000003800)='trans=fd,', &(0x7f0000003840)='trans=fd,', &(0x7f0000003880)='9p\x00'], 0x1000)
ioctl$FS_IOC_GETFSLABEL(r4, 0x81009431, &(0x7f0000003900))
ioctl$KDSKBLED(r5, 0x4b65, 0x3)
[ 1857.260449] FAULT_INJECTION: forcing a failure.
[ 1857.260449] name failslab, interval 1, probability 0, space 0, times 0
[ 1857.261837] CPU: 1 PID: 9700 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1857.262687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1857.263695] Call Trace:
[ 1857.264018]  dump_stack+0x107/0x167
[ 1857.264463]  should_fail.cold+0x5/0xa
[ 1857.264934]  ? create_object.isra.0+0x3a/0xa20
[ 1857.265492]  should_failslab+0x5/0x20
[ 1857.265956]  kmem_cache_alloc+0x5b/0x310
[ 1857.266451]  ? mark_held_locks+0x9e/0xe0
[ 1857.270971]  create_object.isra.0+0x3a/0xa20
[ 1857.271506]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1857.272124]  kmem_cache_alloc_bulk+0x168/0x320
[ 1857.272683]  io_submit_sqes+0x6fe6/0x8610
[ 1857.273207]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1857.273808]  __do_sys_io_uring_enter+0x6b5/0x18c0
sendmsg$nl_generic(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYBLOB="e83200002700000227bd7000fedbdf251100000008008200ff0f0000080007000000000008006c00", @ANYRES32=r1, @ANYBLOB="1410378008001700", @ANYRES32=r3, @ANYBLOB="08001d000001000016a2b3193e3ff0542ea8a6a679fbcad6c70fdd6360907f8fd431ab924fe4cb21bbfb1e5deba58b8314a7e4ecbb83f2d0f677c2c15b42c832f8464331e309ce524c301936985d595578d753403c4224ca9350d59ef8628f59b5f4c44b4df59b80f50e4ce4eadf71433ce75572051ce773c3671fffaa29d28ce9a2dc221a2206f80f00e77848eae6b9298447399341c4fe2dbeafa126ae54ba8f62b716c37e4a20ae878856968adf339493c92d80b34946d537dbc76b50b6c89038906b4f7322d068536e63d222cfbea750193a839be1abef8b951ac48cb67a66f10ff1a8965ec8bacdcb74df8dd420aebc4f7b28e126a711895b810f6ccaf218b8f2c2f5586663ff0c3962f886352c2af3ba4b10f04c0d48549ed16406a5e4771f6d830dbd06bd4bd4be698b44a245a5fc61236303d9d572d602a0e8ec2a3f1e09926726effe88475e196d0bb739bb6b1e4e7325560f320afdd9d9fc1af596689f7ad9b09f088d2a631e9f83d72fcfcabed74c606e863bcf78ce0b1cff80ee9c884ab9fc255686ff23c9a94dc21b57d53c2965f59392b6fe6e440e21dc652401130280e5432af0b781f9c53a7f193fa7666a958a8bec5469af952f1ac2b0c396489300c783553f0f4ea82d5aa27a5d6bdd9ca62c8f70e71c499528881f591caf43360e10ffa893047ceae5b37dac910deb975ab98e9b057d7ca199b332c6df84569a6cbd2233622d6defb724fe7026f45a1a34b73a204b0d38ba90d4d41da4fa013e9903209f47e939b090857ad525ccf78709de3123cbfc94cafb344782d93015879fc419d4db6673b5b7feff1e9077ce7c186387bbc2bb2bd948a272ae7df816ea075354f025d4bd161719ec6e233e0e46f3d47a75cf9d07c77e3002670301755026312b8f4137eed6b9b0a78294968174053deef54dfdc1e525eb16f5149d186e0d6ec3e5dee617a5dc6b7a32ddfb54543fc2090dbd418d20f228c9d9ce346cb1b78b260be263b6947f0f8b06edaaebba991daef718a72e4e52562d2e64004700b7c9338780e804c2dd136ed883a0f67cca50d5fdd652b31e109408383cf4c5025bd904af4a8c05d2372392655b734e841b1f0768089909345a08dac7015e84c56aa8da0a889e7b9c8db2a493c5f5133cc235e4cc8ed27e53751c3bf53b16dce9309f3df9dd98c809aa88096730957f90b080eac1e665c2f5c423c9f1364869917270caeabbcff58ed2cfd79ed970b361faf79f61387a738e7b1ebfd1e642ab9253b0da38c1a45b7152c2d3480c006299b4290a0102183a8fbfa6dbe7a19e29e89bf43b763dab172ff0dc25d26133ec8c94647df5f0dbbff1a2f661109a7d762e04decb9738215f2da3c95798a38d0bb812251162da5b31c1b07f8f7aa376f5a5b7be7335f63c71d79b15718504a129adf54a5be985ef2c12e3ba7892da97a376620d7bc6b5584c795890ae47dfa25e5a8de6c65918fa2134ecfad456fca3064e4b9e7547785741378ffc833832defb2bf1f918c227d233a424ac0cc042082c224cc1de78d00bbd6407f3c8cd0227ad37a3be3a42765a3a61bcdc4fe8eb8730eb4dd2b44cef53547919c294efe690639e48ad9015f8f48a8563a6ed7c98daaf4d651b97e64b722a0314f6f3e49edecab57185d4a634556f56a69945ac782187015dcefee66875cdf18dbec46b5e701b414c22b0fe32688460d1628ba3ca771df3dfe854a3caadf2d70a8e65844ea9c36a027f549b343fe9dd5da5315a9919de31ea3eb5539ac831eb725801241024ebfae2a5b4c033b82296c3b10a86231d0f371bb93039cf9d94087e5ded568e2eebe2396b1b390742783ea1226a7d7b4c5416e6b3f1a8bccf8ea1437800c100e85e9f6bfa958eeea7a5948ebc2be73879deb2f4258199aa2c9411b893858f613885f67222bfb5ca832acdf9102b05c1c7290811a76e85ce7c2d71854f42ab5b3a0b4b0b553bbce5f888af81f489954e6a55cd4623b819b4749017370739b272ac1772824ae826b9cac5a01f50eb2ffb7bc8fa54ae7eb23efd5f1adfaf017641f7b23882488fe44b2a6a911557affbb4c8018eb1160c6bce27f6562fa90164137dd817eb7f4a8d1e3d3c6ef6ca604cc7fa3c171bddb7153f8fb03ba030ee3d5bfcb3925af43fb76bd457f0914d3fa2c2390c86ef1e1cf16b4be81273e9836bb90fa9a39b99ae20158f8e37ffdf6e88d3045cefc10403535a67701b08f8bb0e0a8604673cf715cb03ed903f20d3f3a337f58d155edf2f8cca5f7e41a9004230886227d4fd500e0788d63e78cc30255f2604afe704eee8750d16fc835ea7580ba81f22b6eed700867ff0b11a6b59a53e4f628856ea809cb413273017ac052cbb734a9647c75fe5dfece818b5c343c87cbb9ece643461c2b831762ecd93e81dee57a8b26bb98ff1f50c795f1cf72f98edfd72e3000b37947e38a0a48354a947958b17674a3b422c056058ac59fd1d269a3fc3ca3e33836695ff48415064e9affe2a92afad9cef83ec6bafe656d5e5dc665fe2fe106158dba72c39c6e5ae55b89e12de7b58a8a01d4f5aefabb975fe8c4ee3d603888cf03d79ce086798c66464bd32966e5f6e15a037934345cdc139535527e8b8efa5f14aaf9435d9029722f803c722f070bb139f6345ecf642f2b386664d9799438d2e8adea41ddfbcd6b987b48d12e7e9532027efb785559ea5c824d357fc35086adf80bc560d91f4936c1aa627ad02f450800e8b5bb9bbbed4d7ec653552fd8b6d48f88f0b81f9d04848d32ab541954186f3178c3c5c4428debfeedeb580b1c3122714bf7139eae46c39daf42708bdef5547f47a77c04f2677de3e9500e1e5ae6df35ce179f06fe46136cf984656354d881ba91f5fc5e960a05019aa79f38c045b1ba1c2e9cbc9c606d75c1e5e121a8159f03d26d296cbdb3c5e516d67146c2d6fb50beb765046db637763a0cbbceeef08d67d5bb70a775d6326b12bb76eae893d262bdfc7447fe5feaf77ae51da7b12e4e5a8b684ec256a4fd7c4ba3dd4a8e08fd8040bae2dff692b761f3f75f63b35dd3c4f9f6d3254de9b44425ab9ea02a8ee5674815628a05e9761d62f5a5c6371ff80ab84aae64cb2c8860f529cb5c360d4800cd9ebdafa64be170874c85d26fbdb7b4f81664af9c6016ea8fa2f6428992f6e6825a239dfa3cf36ca96fed837a09b13ae94af2253563d11782956b05fa86ff2fb08a2a7d8fb2ba49ab2df9729ac0d52d348c992a6332829b38b3715ba69af4ad3db968e927c49bd3e70522c5e46934c10ad3b49e7c0f59ec45990411225b8ee6f75c7761a208483f4dd85ce5ea76f9cba6b4323aa43f88911a26396fa21726e6c7ca4f85adb471225dcbe671b4a79c012978fae9b54cbdb15d7914febdc6bbf8cd4f04ad1d4c00876d799b92d5180ac275ffb5ae77568b8c40215797fc7251ab51da8d5cb1a43ff0174f1274971bd8e8e07c59cf56297ebb7fe17124b09624a3040b984e9e4d4c08ad7748c257f7374e452c6e11ded18447d550c62a0b4296559f39e4506cf7f8822350c164e7bba565e20aaf8d7856bf40a229334e0a2801bd004a24117e6c258b89fd759a5b0287e7d57c15d65add21709cf05dd2296f506e2dfc9c363ef7cfb5468cccc57405dc6d61037dbb6713b379cf4f104f0706da80c82e7262d53fad092ec624e30686dac69e636169c92fec319f5be6a7ccb9bcc7e335cb3080b7ac72158f899e3823c1b8ecb418d58fb2c60bc9ecf4b6b77651a83fc625874a12c27f973e9acd145cda8e65e6bbb260e321176ddec05e69d068b989eb041354aeccb588fbf0368889da2766c271f332e40f42bb9e29fb18797e96e554c4581f4110f9908d993252fee0b01b42cdfee39bc997bc7ab1d6cb557787f9380c54b49633883f34c47977df07905c726f323a214c2e3db200ebe3cd22ed8b5484b566fe64223657ef6a6e0222ba07beaeff4e06cd2aa54549bb9793134586831bbc123c4db8cd22d2cd8fd1244874829c289645d24f583ccf56686afc6eb7949167e86a706cd9bcc28a48b841b3cbca53b7d6b6572f9e99dc2f6a05a68b40b8e0e11c7369875f98ce8178a1e6e1447c603e630352d53596eb30392cc10f7255ad40aa2b86ad10fcb2d91fec476c8bf4549196a40f0818ab5fbd289333c1eadd486dbab9127eefbac4aad5639c1f7dcc25a852dd4fe6dbc26b925daf7091e1b6582fb7a4065d1e920fdea2b47a980fd03e79a4dcf27e62b58c56f91ef7bdff1fffdb3ae4132711480d96eec627ed77aed683ab301273b986ccc0fbc98a696ae9df10d67a21636d4036a7f7ccb60369e513eadee5a9d403b78ca00092b526b59ffd4d3c9a0f7a91fe17a1b2ded15871e4a4ea8da6841309834cde002636c38268e309209ed805a02991b7121dd0de79672219ce97ab12860cfadca24a75420defebd2140c41e12d14242721e1fd7bf7568f3bbe4de40687bd6ae7f0c90014edd0a29f2622c8a952025c5f36159a3212e00104545d9555fc213bb9efea7d0f9b0e6739d133ad2dde4d9e6633f369c2254c37118da6eab1cad6528164822b8f5548fca6600f5f6566656093b62f685d560a9be7d27dafd04a0358c755045cba6e3567889c675c99bd0d82a0a3d3ad5d94bad250ce6c0b7105d1a67767578fa1d88bc23b3277e59b7fa9cd454ad5f0e13becdd01f4e5ccecf1874b5f1166539b683e4d332bffdf4a619ce9dfaee142c079838ed0d8f621cbf553c4e3072a66da908e395970c12eb347de0cb4ad17b69335f19b2d3a7cbd05c7a105758434fb6c22fe2c890822c9d16a757758eed5047cf0bcdf29d8e126e73676dfcbca4537740f1312a177fbf6b1295a7aeac9151184a77a0948d5087210d62158c4ba327441d6b457f97ed4ca7f02cebb846221ae38d9feb63de038534bc7aa6d087bea8eaa7b162d4384f72e4a4a8967db334b736ffbb5776fb9c2d484fc419599c0873edab2f34b3603692ab0ccfcdc68b39c60e8aeb2d6fe2c9b7f65450ccaab33d795882aed189d09d0dafb3bca8c7bdb03770d6dfe242508725ec16ddb3c2af4bb77e297840c94a60b42db8f0165ee039c0e637ba6b7e2002e6e41fffdf3e2fe969f41e0696ec9c4ec2d3313f2eab3b92f17ee897701e4899334e84a149f088e2771117d050271975bd01a560e590d323a48654136e90b6ea206cd88e72587eba3fbca1cedfa1bb3e86bb8e54e18829aabadb958a3fda057fc1f003476287b110fd8a3fd8a8339d7bd1e123a67e86ad29b00edb8f8de169119e7408c0d9b5dcee773bc28b5c0da3a2219806febd19eea695676010a41eb91790db5f7a571589433605140ae44ad92726c36875890dbbf5ac941cac407af93a8cf16e1f8a6cc5320ac0be715eca821d9c94db2d3730eae9da9cac461fea633f482a5c18e5be10df682cc466a94942457d7c526ce7ef24a6d18cded336bef1255eb9cded7c8bae260567c98d32f44596cc81b4f729e97b69bf433fcb2ca2d25d06d2314ba7a420b48d0e06a4ba2345c7f2eb4821759d9de7f18ad0e5a0707675438d1a1a16d6a7395d5b0938e6a14fb3dfc786a72c6c4693e74654d9bcec311e5b4511caa312fad01863e3791fd7e6176bf66de412ad582c7931e9588a7bda694c2e5c34fed6c9fddf723ebe571d6495afb51c603568a32d354646907efa9cb51194ff73fa7abd421ed558923abc9e7882a370062904a7db5c807db49f729a604833257e01d5b0e33acaff612bd76745e17c1e59d7d18ee016975faad43dce0852580f81fdbeee92d4814d0f1b1c0095800500320000000000080038000000000008006500", @ANYRES32=r4, @ANYBLOB="84226380ebb22fabdce7c9651950fa60175bfff6deefaf9341ad9a0918acd2d85ddd2a992eea7329aea7ededb977803e7f3aeb19278edc5b275e41aa2e47f6e8f41aa5e6e4cd8764a314347ba5ae35083c9ee1049f2e0584b9f2684ce153a767f689e647366b6a173f51b02e171844be8f00dd521a425b9b0e5928f3d5ecbb6e7276550d6a3f01306b36fcc4aa461c089425c5fa5d1eb4540b2f077058af2528221f022e811ba0385d9893091608d472a3f94521736e220f6087cb02c4b8044a532f0e2f496f57e57e1ee5df4c68fdc2dfd6074dedd89e73c1cd9ba0119e494f8a517cbecddc9a9bdf5cc1e20421a670976346769457cf6fafc8ae766f8b74783cb52cbf42cf2368fcdb762814000500ff020000000000000000000000000001060069002700000076320a37f2865a331ee77a8ca822021afb6090ad1324e2e4f7f328792c98e70193b2d1849d43be01db68bb5f62d7fc0d5df45c88886f05fb69ac8cdbe971a75d993098f4d5569c0513a04402da355657633b77f25e493ed3d1272e287cb5e0aa099a97873152c06dbe93c5c6b74fc73d16f32ed9699672e5c3dda746d427809b300f5c9f5ea08e5752aebcb601d8708a577caad31094b09d8cf62ea2601be52f002b1fa0009686b95148d1e5bf39d28f589ad68c4e3320b629ce1741dc49a8772582ba50e8353e848613d6b4fa7bb21e7e409506125932228fb2bf214fe96062064e4ad58d08f021841fdb0719df54359001dd4edb96dd7ad8b2555a30cce447849b6666273f45da18248e90c926a12356400319a666f690ba6c4fe86fcc11613e5d1998e4d0a985ff3a5b44c3e95d18ebd497a3d65cdb5f9a4e116b3dbaf8fd75345a4862d99446bbc65d9b5604861e526c55941b3fffba6b90b6907eb6a5e6a63a543133ed760e13f6041a83bf3e163c35665bfd0ca09864f494c11baab8131e699b96d0f37dba1b2f47be8526d7aeb348541a2e5f7de171950957c45b0064604437184687eabd07cbf75f0e9718a9d946472735265c81166ffd26f0ee4142e707bfffae6e364e37456f509f74dcb28e2d572cf3e27b5ff7f535e6158146b4e23745df5a4267616cfe0a61e195cfde81ec2e963e8bcbd0f88b6dc9e0b75216032ca1eeed24e567cb55702237ca68c4a4457d6a88cdb0dc3e5f9a23e7999650ec05b673a51ade3345e62b92b893340e3db585905e9df7625ef12ae032048b477800e0c9bf1f33fb9d491e2efc292103724082f3deacd7ff5831f968d3488be0517053d021c46102d467f185f4d94752f9ca1c39282616ef3aabdd05ae3691c2b37ff4673766c8fffa3cf1a21f0f06409b8e6e97007c8059a38dd7a557b6bfcc8309e55a2dcfa37fbca6eb60ba00d2f3c2a9820ae96eb5123abdaba269a92e9fdb2c07b4e6c9ec231053d1b575b82c573616e128962154fa2cde8b44771f0f0dc2eaccb5cc8239ce0eb4ab36be860c9d318c0b56740bdff4579ba16a7dc6c5cf0aa08d2e2dc4441c18ca712c03b246abb0dab9ef220ddb0f36e3974c6ce0428d465e9566a0c65237ef1414959e9ab71591810cc8ccd73d6ee605087a7b18f53b5c878a13994fbf7b823af943bf87391c48564fbc5f9d9a0caef3a44ffae171a59ed8a6a9332387f024e7c2c28f746ce120558af93617541c6e244f6052063a85b01262010ad2ab152a96efa1ef0b4e7c974b22cbc412c5624e0ca72e5c170c7b75f6d6d07094c23b1f01292daaddd41238d99e019a2c890e1073376a1760e7782e17dbb6f8607dc8093ed72e61a7c06bd5418805c186615117a414ec5f2dcb4ac1d1acb11b14db6f29749d106a4ecec2561604fa144a63aa63170b7091bfea6ce268a552dd5ec9e7bf4ffab00295709e1652c8c35589455a8c16f0621b44f52eb270da685e585c1254a63336c04992d0ba9d8a88481b264a2c25fb2a17e54f9a4cd760660b3439aa6cf067e9104bf776288a1dc99e641fb707ef03d9fb119d3d48e9453ce0450565611e16db1a63a515ea1b432e77e300c54fbe0baa5c25c558e6d7c83014144b9a0399b608f48714773a36a3c19e01340a06547622a57a52c67c7714e2eaf70e63ac6c3ba4587d1a7ebcf7eab47d47941b6d1969fc7635be26838ba9c0c5fb2e5d7602f82c435eb3e0424b5104dc0e4fb874e7448564f26a73ebcaa8bf6b89865c8d094633fb656e67d92f68ac2e9b6d7ffd0119f5c72a1a52cc3b7132cab8ca20514f78c57063b3ad1665738fc0937103a56bf1635931344bcb1d07ae8c42ac55ad5ecb651a479c2b4494987189b25289f1dfebaa55d05654ba8753570a81e934fed85cbab023838027582dd471ea2890450e5be4b0d51a0217b6b94a8de2813881781c078b41bc4e1802d96749bb543c48f86b83bc5cf0eb737f81e4f5ca1bf0da6454aa44133a57d9f29f9507528331a00b143220eac270fec5493d105d7cb644ff9835a9df969b1dcb3374808403bc5750bc3685c923b85763a11dd80437b80330dcf870e216df7c0d85e0d71a189d82c5634a327de464f3a54c5bd68823794f64883391b36e01bf0e956dd130ebd4693538a34b08e1e45db000d841f1d78d80262ec3d29b3c522c6b3c0b5e53c7db9389b98f2657dce1c5f21b6bef3e5c7a427c9a520a199d098d5322c835ee93c4fac24a2a93e6925dfdf146b48564217bfd8ef056f92492ac6bbf8268a26e2c4d4c0948ed799b9065e9ccaa0b333ad2e7e03fbe5d7921743054df790fd4d33d0d4e72db374c81706fbff26a37bfa6cea8e27c2e2bcc4f2cab89fe08c9ff1c144715d58e6b8f94ad872e3a59abc940fcf02107f5257d1860ebfb1c8ee8a2301584a647d99347471ddf84620714b985ea65db6d2cd6992ade0dd49b911901d8c987770fda381d363afdb6453d99f522b41b3638ce57d246f51e9a9766eb5d0b922acec6862eaee47aeb78d4f18064df949741a4d9902165869ddb48657d20d50d45a6e922a5f891c2bfded62b01078db13ddd8cb5fceed9381e2c16f6f7793ff6d0618702ff45758d88d336138e51bb4b21cd41f64690024d6b8d659e7550f2e31f7d1784b78014775fe7ddf14c216c8e7d9dc4cfb8512d48a6ca5c5b6b9ea43e7753d1a3188ead6d3f4e5c8e06518029ea6b19d8f57fe8adb5035763f3e9112fc087cd2784fc22a3e733dd55124be951131f718f3f8e1215d5df5c0fca95f2d142fe7ceca6fa971a78a2b5671cca236897fdc24e65d5039635e15dc951d00dc1335e46f0e8338a15528d557f87e31cc9a3eccbba1e4c588e14f056da45eb785454264b6aee4194b7f3e4e4d47749d9c2d62966fb300d447f97b7ab487105689bebe8fdda5f59451edd007d653d82578e117582e193870f703ecd63b6031c1f2a330340d7e77ad23d2bc47972cd809db94534eaba94b2b4764d9769a3e4bf3d8fb45705e5414e71e6ab1b8e3edf6627806445abdb5753bd67a3ca24e8509fe84721075654f5102e0e0e98e5c84ba9fb1e80f4ed24ae322bb7fa937124c3f4e44524adb6446cdb1146aaa64a0ce8580b8d2c4f782320a98fcf0fa7b546f78177369d1c685f09da1e78fea18a67420568dab182bdda66c76ec86f571bc43bef0831b709d8fa9ae6457355274b9488f79eb6a4af8d72bd375f369f50951f7ea3f864de787a3649b3f9dfbc4f4901a485e868755c1c70e807a280b20f72cd77a75f5e691e03f943782a2304f9bfc002f7efce765814d473893852f279929666164bdf05214fbbffcac20d26830bfcab26d03a616bd198a92e6ff1d8c22b64cfd912c7870bbb1868782ca0ee2188e907c453d5d059319607a7d50fc2f3800c5eb5746c264d6850d4e8157c4579f626efdd502525aebc5342cf484d3b248fdd428aa0cb8008f7ec6923c0b48b30a6ff767f3f061266a3fdd46e297cd41045bf5cdb3c2a0a44d32fa43420eeb7ec980167640ff5d361ec21b13623c5435bfdf606e743e02d8225d5691435ae17cbe52116bc18f39cd0e1cd798393fa76ad8b3f7e99265f3e71d6116edfdb47697ca6a86a68f40b845008b9c55cc8cebf195e149796572a66f248c26b7f211a2268778f989a10f65b2c6d68cf460e600561c2119010b9232cbd49fc07fe9f8ae047f8197983dfeecbd0db6e075858d6fd7d5e50e8247a2561acd6c0d93ee563d5bd97a2aea99be9f1ee07eb26adf8c3579a6afaee70603ebdce3390ef4cc5b3103f59be8eb64385e2a92ffbd8e359544aa830f9420f0784286685a4ce140d7411b4965c5ddf43e6006ac28b9e1d990d4bf4d38bbfb40ff45d184be54c4655d498634e2526835ba070b51f2a83619bc3b9dbd5e8a04fac31fc2ab6e231df45315e282448a00105c4d51aa7d40895cb2f4188efa916fb013da052154da98bca3da1c1b97497892653aeb695f7bbfdafebee1ec29d2ae29f9127ecaf1194e4d5c7704a80a119ff7008ac24ccae8ad94890723e2cb27ea0ccc7003326084e14b9648850f64a082fc65dd3b92f063467343eda766777bd72e7be674607252101371425467e03d6d08cef827d1dbec77cbe9873488a0e4a0d070407f4e84a6351d0fcbd175a6cf2dd3ed696d1a2a719289fb72ca2d6c0d5da9649a631642fc59af080d855a5dc1f134a69eff9fe2ed23e05e6363c19653570a7caf2bb822b04cbbe882ed4dddb4f1289e04d8eaf538c215517c8196fadda9af082edd806f31298dee13daf01c5c6f174d1dfb97ef8b17a2c8056ed0666d240cd86cccc0710f7c849575fe8886629560114a34450eabcd2089e4de780164fd4b4309781e53a2cdbec66d8871f290239d873f3130d6147b8a918236d4087885de09e8bd2f935c3bf875f5b5860436e97936898e201a08be20f3011139074e42f8e04cfaacb9de60fae9dbb801ed1dfb17d6b0e6f00cc81e9d0f72d845a15992dfbf3e1cb40883ee896e100ead722a95b046230745cb79172b1d65d7f28ea7cab016b94e0cea9a6b8b27fff24bc4f43b4c86119819f6c871d71eefd37a58d009938ab16c6b9d86cb7a1dba4cedfc70ed15998b9f9a7a9d8fc8f152298cfcb4caf5047ae811e9f9f51d4655721d8fe641e1fd22b1dd4dfd76ced28896ea943d4ce759d38645d4c0dbfee3d35ed4964461626cdf08f57a62e91d5954b3373471a384a5e2def299c3011a7a0019c0ca699ab7424e6b7ab689bc89fa541ad6fc079ae6bd49ea9f53f408dea074147b6e0898e21b5b832a601ca8eeec9e84b02773e70d433bbae2faa2c5620b1f2cb8828fe0b823cba65a1869b95fb9dbc7e1e49b47f43a457be8094b057b04041ae2574150a36a817ae7aca62877909202d9c56c375230496577cabcb4bd6392654ca301a4309d424c3e70210daf78df5669b79c12a7330a821a6c06dbe3296347b3a7b5e8d89ba29338580542b5014232edc2ad516d5608da1440bfaa9f84c2d7d05c1a98a86e719512937c73f0900082de1add8fa67c603904c9a79c8ecc57d2e4ac8561e37659737932f8a12a5257a4e537fd4eee0188973ba5b71ec19046a280ec25aa41998ecdc42b6bd86296fba7149e7418a2d62fdedabbe0179a9dd55427236b1ed804a8e1ca2a7b96d0d40f447ae89215614ee81c0439ec914e54eb271b12bcd3f8478780b98ec7d34f46d9872e1d7fcb23c1abda09fce6187fbd324dba820828cf236b8641fc84d5a6fd4ae8236add1f5a8c17a11e43d8aeae6d46180700bed56debbe697f8088ddb7ce84cb7c9af60a847d97ff061cd12bf78b20d14387b2a3f9681a0a8ed28aa3db5601a8f91d4a95a806b8569bcc369eb0d50fffa518585d97806d5e958d67eab7f56cb5568816dabf61ac7e8facff07abe0825c47d2562a15c8148a3fcd3b7eab6e9fc23bc4b628fca4d2b500fffe72ced49f35a1662502d879912311c935800023c9d39f45a72aaebc71a0b7be20892ec8090926fae05615d597fd1cd832aeea2324bfe864704268bb8afeb69af66a8ab432d3eabf59f4824047ed96672309faa318125b9cc64189eb267a2a8c8fd24d5f60aa4197b8371d723d269093b96012c3c80949b21cfed6190e0aea35f553761b01b6563bf3cf3aa61f42112aecb78b3cf2063f7af7bc28a9a691642245ead8c6eb4d4dfc7bae2e4023e2176fc620d5c34312c5decfa6de4ed3f213d9e7f5b7ef70f4003a7dfdf029819ff341e4ae2f42d7d9b5015fba8de0f5e5295242155e4a6ab968682c4777f1bddaeeb0baae707b46ec13d3f4fd5d104a2ef636a92ea81eb65379f1bd8ec49f381b0d1642b37411178d084ec78258d143b573c173d504d30b9a2fb9ee5f8910518434343211193f4ad723f47a96d2761eacc6b474b16b41f6196c7dd653c8b22ef421bf4c29280bd80e38061ae783835d85e4aa3145990e813707db18b8ea958654f27938f68548b5b06b00000000000000006de827ff2ca4d0e4f38efad82565dcd637756f8c9ee841650e12c2137c0dcc3b1c76541d28ec5ee003a03a60102bf59531b25e196acdb7af6fda2a3deefd8835ee08010d94de079eda49c525ee98af8ef2f2c7945eed49c87a07da9fd3cbe0831b755aeeea73e6bd964c4a6565b22ff9d3d315d7445e62a0c50ff0b3f7cfdca229a15c9a63c677ee65671ad90170ea7484b9c7af70b48755957cf5c3d743b503887400bca560ac5f12c63fe932dbbc2bca7198521236949db1359ed131333bde01ab8b92a97a1e805ee7004e79f23310200b1431ee12a6c2f89b772ff420220b056c27fa9e20dad6a1a74df94cc8dd86186414e4eea5bbe5c45cb960a8b61f73ba72421d70291bc630a53a6de0051fa57722a80063acf739908e7da1632bd0678a6a594a4bf8ecd3b545f0587a9f17c6de2488bfb9ef3de8db2a1a54eca00e42e4a25c9fb12304c521acf0bad1985dab09b6115acfa1dceda7d844bf6be3fc259a04a91dc052ac847e9959fbcac0836bc01d7b9a69d2300f673cedbe97bbad08c0cf2063c3c00c90f0f8f20823bdf0b2657cb41279337d562d39593ea2e9769263f5add7e9eeb2777f271cf905cbf1d446605db5cdf51b3a3008ab593b84f10a76352af0ca4e8e0c9f7f108d81ebd1bc4948879f669e776ba0a915f6851310eb3ed65e9e339ba16b6230a6844646e3961c1cf9204955b333b7f55cb1cac09dd26913fe34aecd0534f615e0fd94dad738a305597601fabffe3c5f41f11254c68ae77d3c048e39f0bffbcf82af60bf4cad49d38265224a20f2ee9cd983a5f083b20823cd8740f0f708f18414bfeb31a2878bdb27a555618e020272b4c32b8cec4b8321b54dff9096c06ca2a07a2538ba339b0991480611c7aaa740bcc609970bafe2243a9486b8c233bf919d0dea9d40decb1ed89b318b7f7c6b2b36d0f5abe3deca767a48f070c2479ff26f47c7527879852b9a0cb533b73c8f59c6f0c4e65f0d49a14f4839a4b2a1768a6e110b6b7ed4ed9c1c6f5f2cef530c8023084d6e8e0b6d95e2fb65ee8cdcc2cb8217776f9795950685cf42bae146e857f48dc7fb4a6c1a2cd99e80e5a4c609e7de9f9d76ec6853f176107b436ac67a94e71220d0a8d8d43e97f2f0107b1ed54c9dbbf35574e6860baf2a2724fcf94b72ef86df82ca420961de2095fd20d29a2c86265c8386ac161d18bc3cfcd6bb65aae4bd65fab56cf9cde8a7ce7127cea74cd094d84b22536e3b3218eae6da375eea541395f590349df443ed30f2e57cf097a93765115dd9c46ae3e473b4919d6dd9f679bdf8d0258117be89be365091196bd608794346ed94dbc139facd5e7a1fe4b1cb2bc378127e3e495a6f61b835c5e94581c148521f2ab54ba92a69b429ee643905cca8744f940e0fd03f6bcde04bfe9846b63e10f37821b85c3ed334aa162bfa2500fe01fb9b32de7fbe0532606e05510a59b9df90cc77d297939c1fe4cea5311a148e7162ad7ef2305f09400a358b12790e029ce2216bce0e91678c2bc7fb3322cf1430a3bcd499d2b5d8905f29f1f735cdb328e65ef29227764930d8c7f6ee50e6fa55efb01441c7893231ccd146a889884d2368625333fa928e6f641de94df2e99ec619c0aa3fb042eb96c5f6e199b4c2d292ea182069762761e5d409ca2b5f37f8c3660d91f224d57acd83117289d1bb50705bf0b8bd13eb4c485313ce3f0185559eda1f4a19b0da819dcb1cc05ed703e5f7131c1f865f7c270c5f7672af4f28ccf834435559c251ec9d73cb7b6213930d873f5e7c99416baed8290b72df8df2aa1ceb69f27ab8ccf11ad49c8573c18779679727254f83a36531c1ba250615f0a8c719420bc01c4c564d966f3cc64c7593536f0eb9ee416d4e5c5c8a58835fd79c0dfa88046723ed1e445ee74a12aa9256a9c5ba42a3ec9da71f88b72e8fcf31081f43032891231d1b0f3ab096867bc7c352b9e13634cd0ae3f8ac51c868c95a211607a70a56241b1dad44a0bba531486e754c157fc466e54fd4e248e66869378d14ac5bf640ff63483470008fe077d2be94d973264e3f21ac26333e062fffdc70bd7a29e9508b85130affafe463074cb7b8fd15415304a7a4b8ecb560d3e4dca42a95076ffcc74251940cf72faa145086a6bcaf2739dd86f379fb4db1f5100c633318571cf65777bc4ff184e18b48d14997a1b72b3c65762b6b3ab94e40af84ff9be5c5607faee56b9af7ab0fb6c76e52b7f1de8db4ea75f0703bfaa83282e4e9d2f76d0e9a1dbd2b3ea85b12af499de88f861c4050960721c86a8ad17f13a89452350888b251e1d0178d9e1838d98900a8ebbae5c024cf2d0fddefe1a0ab0a4935f028d36683c65aee3e37743166dbf71337636508e79b9739753fd3de6445701c261c6063739eee1db748a4210c76eee0d76238ae54fdc4fdc77163790779d68fa83cffe92fcd5dd3f319f47728e8ede74ca612c1799754f1a5e04e7aafce5f1596c76f9e32b560d6242928359dd7227ed20d23ecb44ea15c1f4854869b7dd783b0608ccf33c11420e193c01f63cfb3f300ae6023a6ebd0ec06e713f677fb182554857c02a7f55bcffbc5f1cb117a5a4eef945696fb47384006c713643bb75cbbc5907c293164064ff5cc85544a2b2aa091e3bac3f98886f92d87120654effe92f69d102b795a481c65c713a1c1b2942e29725019eaf77af20c7b0cc36f0aa63e264e5db834aa0724d3d212a77886bac40902e9e1ab4bca98f605eff610bf428e60caff4ecc84d49be0214f0e663d741f4d3e3ba366ac20112ad247eed1930d6ab89ac4e29f8b2281f8bb7a1fdacfe2afe9d95307802a1381ef00b73917d48e2f3fab2b6ee6e96bbbe6e5b530b39636b85d23dc0bea290660497c6da8362dc7aa4190920d5fda9ce08dcb7e87b4919dc750312df6e92d219fb5f4aebfbf5822cb3fc8576d38e84ed593aba000abe8cefcf1f8a0111a07f213024d5a0eb231246eaf663b1346228105d70a411eb1edac7cc828d384704e6a6dc7a21c86d92ba67371db8b5c8b24c4fc7f58f24ccfa3309e27e628f5f0e9d9f6f1c1621b4cd1796b9c8c3a41f868ac65680cfb48ce173d391310115525434424d1ff00cb029b25f461f192700debac60a027de5a70f23e6637051d34474537367db038dcac7e664d984dd7276e4c7c54d057e215dec343a86501d0c50b62f1b64853a9a8474f01597bd0fc8a6af5330b2d864a2c78fbb2e274a8bd6d8f963be5fb7c94c41503a25cd4bd875faad846cda8ed9d6a2f150e9f1c8a4ef6fb14d86451e13475f19b214604501a4db446f114b9aa7bc7989d3f6f615299c1048de9f4b5d2265fdefafe65b46196e2d68aee164c3a72f7e5d4b0067bc342ff61f77e905e2b80dc8c89716ced54f80745847f5bf187b170469d1eb711e20f22486c00cbd3834f7a47d7d88523a3f8d0fb4ca9c5ccf38c7395a71058fff313359920b8b32c8b7126f02ad2f2c99f3952b92b8339f167434ae63d3bc7e81cc58bf894d4c9e7b23e333a7f9525034720969e9f51acfd91520a8f30ac9fcff867b21ee94e78dfed2b412074f179f6c2ba057f1287c5986afb122f02131a5c65c297d6359e39111d7c6aebcb8a23bd73f779e254322c173a8afaf19912ff9b1060fe0bdae971aff0dc6f0d2c7fb739d16cde722da6c11fdc011f45d44b0b1f5757aa77d7d8e02560e393ac26cc6f1a9cb170ba6049d0ea7b12d9e605b35b89907d711bdceb2782a9d2b915bd8f01a71dd0a2da0ed7fc5bcca3357e1a40d19e0b4bd12477243550904770c869685e7f694f381a973194778383fb5316c4ca8dd3b502e8fd6fac1327024eb4ba15cfbf3b1659581a368fbd7d9a23149c979b2bad13a9a123895aec1dee2c768ca0bda3737950a0bd814412ea0efdd66b0dbd1b3c4d21706896536e5facaedbf8ac391c0a3a602acb4ea685cb25e9585dbe148a0817df48b34769b499360dad5506850beed5d08372963e50ef67ed5d1a31c128daa83ecf298abfdc5017276957d6bb4d6247cf3a782fb9d98216ab3250d4d4b90aa6784163d3ff14b974486e472dc6ec1be1c29faad2f6666f9d5c9f6f194117d7fa4116f646354d7f3f27dd9862981910f0184952aa94152013f1ce144c9b8be604cbc7a26339ed9042a4d09f504521b8590018258bdddfcc67e01e07d8d9a1093a43c6048bf7769dd352f6517c892c14b68b9dc703bbe6961ee82374c08193022a7840c6ba84bb3e5a26ac960974f013a4693e207f8ad2ad8e34c99533b29fa295b1bcb18964c7625446c5bef03151141d387e1a3e5356fad34245fc519c3c3f3fd380d37e6b31f6f216042b4077a3c36ad10adbfd48c107e41c3ae91cfe91d17ace65583c8df08f12925ce24f3508596136de10c688413e5aa65805f7a6a3a52466a878f0ff96f4d3372023cacb976310159ad9396c6a1fcba34a71518a2cbeb3b8083dd3e403d2ca89282992c6b50f51dc9549126d7fc86a20b0f087fdb87a0efbf322d45a84e19f112e4ddb867ce8c486e96e737305eeaf98891baa7fac8952c0d7e105b14ec3601406da66f3666289e4a40fd566628977c958b9bd0629a995c26888ee9665c94f2495a27667af63a4f47728c316415e73c840fd6797803be4d8d06255c02b2a1e569e21e3b32bdeeab048fe55f0e85b6da75d9a798e051626f635ddc6517a593997fc5bcc00d7428897edb7633be8dc1a16b2abc67c24c76d0bf48426d956bf346a98db96b0621b221b8bf6ac5f67ff8cf90d6aaf6a71458ad1af646434e7fddd369ef44f03a0ee055f21e72f76cabcde3b84de4854d3bf3268c8d232fe05902d790851066d68f28f372a9e6c34c36bc027a359eacb916d4e11062008febd86efd38897abc56ff049397422ecaddc9b8cc171f3128491136105facd5d982c8a371defa6d2968b8e5bf26baae77c10ec2fff73102b8edb50a3a0eafa4512d5a1b15551cb41c61719c1df25131cf3c679bb1d48e23df25da43f6ca6da52a0a693f344679142994fd94c0d0e6c40359c830a3c5e770b94bc5612a0b4c4e5cc9ecbae5408da13a5a2cb91b4bd3989acf789415d0cbced5f02f1cad96ea84c2e6a32f2c6acbc20b68fd920ab2c741f0986d4e3fdffdc9e3662f7cceedd056b73c1cc4642a80dabf07e8e8df8fbedc7cb2fbb302332f0908b42e0b19622a052616dbcd2e266d555ec183e803d34c62b03f5f9ac5862254fa84ed3c0f49f672c5cc3d60e2d09e28ee31502942c31ccb84a2d082d47e9704e4f7a9456e1b2651273a2bfd2bcf53cceb9f7a128fbef2439c7b7f82d819f31310f454f4654204f9efb4eeb65481905e6d08e2d3d48e9fd57b4eb4fd27245d9b8fa301615b501f96d91e5558ae95b1478aaeb123b28cb1a5d589f562c7c500210ef22a2aa13ee041d8ef8fc971106c57a61f7464ac6b09a3b58561685070db5d04d4f388e0a3dabdfff6636bde6ff83148cc2b7f641f221be9d7cddfb33b41453a0f274a2010d82443a23a53b822fe38fba054db815dd230643cf2f73a3ed118bb1069574b3d6b23f321459533c8eff0167dddb78af5d95dc3b3d87c3858e3d517aa3854a84c16b9f71b32a54452408d5a1b360ff5ceb4bc6945c40cf1b87b94d00389fd44390a60190480a4ecc4c3883ef2d8fe378d8e1ebed3070eb678b3d9192693a19f1de12123f57d57135d295aea9f1c47670f29c84530891f3c1783ddc4e3378f2ec054bdb135b19e1af28fa795f89d7fea73a3d72170cdc7da909ce5c2825e628a279e2c6640c2332a8ac7d7e9505ced5703e7b18ec1a21324445c29ae725c0f5ad10fa176be6d25f7bf7571117b31d4aaf96692143f6d93d857230f214ad1c54d26521701262d4f6bda38a3e71a07d4db7d0bd3dd19a092b784c0027ee6ceac2ffa51f7d737c7e00c72e7ca84a31fd606f26cb65a66ff96c5e146998a4e74799b4367e204e7041aef3e143d42076f8e0752656a7285411b23f48a9805fcc5246bf8850a293671933a9cb9ec698c0215861215b882d71bcecb3c6dfef2616292b43599a03608006b00"/8840, @ANYRES32, @ANYBLOB], 0x32e8}}, 0x4008044)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r8=>0x0, &(0x7f0000000040)=<r9=>0x0)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r10, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r7, 0x0)
r11 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r7, 0x8000000)
syz_io_uring_submit(r11, r9, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x3, 0x0, @fd=r10, 0x0, 0x0}, 0x80000001)
io_uring_enter(r7, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:10:30 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, 0x0, 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:10:30 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
preadv(r0, &(0x7f0000000400)=[{&(0x7f0000000100)}, {&(0x7f0000000140)=""/23, 0x17}, {&(0x7f00000001c0)=""/253, 0xfd}, {&(0x7f0000000300)=""/87, 0x57}, {&(0x7f0000000380)=""/90, 0x5a}], 0x5, 0x2800, 0x5)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)={0x28, r5, 0x329, 0x0, 0x0, {{0x5}, {@void, @val={0x69}, @val={0xc}}}, [@NL80211_ATTR_VENDOR_SUBCMD, @NL80211_ATTR_VENDOR_ID, @NL80211_ATTR_VENDOR_ID, @NL80211_ATTR_VENDOR_DATA={0x0, 0xc5, "ef86d99f8a738f9bc1eff4449c1a3cf5884f6f3a4919b24912bc760428e53816c641e6f67c9079c1f2f52916d6ab84d556bf2b07cf5f319eaae3bff13cd0cfa48d2beac4ee39808a50525171151ef6be4b4ce783e807a69629cf02c5ea10825e24b541d1fafd8446f0e9800572517767fbc8fdc70156ed5ca5d726980e16fbf6a594e7dc717af0d99532c9c90dc955f715874d5cc1e98921aa2083c9b711b0f744f54b40411895e1df80af7fb964f0bb7cb641000a1322827d8a04c570c02ff85e95368f58ba59b53b9b107bd106b4aa9ebf827227374d827ae75ff40dbe9b756f5a1810b90dc2e3405b2ce9b46646ccb42d27bea4588b5baf49f767307c4c30d5cd73b6410683c73f0617e870a832c0b783be431f6b1330cf3706626df95067c7b8df83451dfa1a1581a2a4f0002a7f65f8a4f290c1d69200fa64de0a25da82bf3916586733e6eae78d52ad45ad0ea8e102b10b62b2b6b57b4a516e989b7f697762b9f3ce2e0a6b712f8536f98cea39cfa31f9b34bac2ba819b3d493169a6a002e6fb46ee1b017a3c95cb2dc61106c7f542f3b30f72fc2efb3f260511af858b0def5bb6e76e3d261faa96f3e6af4f252f7c136943187d65bf4b4d75b393183380cdd3e0a875c4a915b23575b89a76b2b9ee70ee56f69129cf991c499120ea59199437b228daf3fd8cff692059f2456ff5889fdb51add7297adb6fcd6786399b833a1d9744a38255ec269d14776497549796a4267d7eaaf2a99117c654fde549f2a03f427db2faa245b0d2fca57f17902a48b3ca67dd1c14aa57f4052e4b1bdacba2dbc7fa0267685a79f53ecefc04487aa3f9ab205d27981ab11f62bbdccafe2ebba23c7ff24e78a56f8fee89d49007b8e69d020d81771c27e833ad1b31a2b07bb59a9c2cad7cb4b0abb214f5b63ffd602eeecaa620baac5efb8607fd96b594f2df06e2ec8ffd4c814cb03b24086dd0d8f57343bd8e0467f521708103690d74da704e0d66c85f6d4e3f51c0c62afb14fb7d94d53796d169803b4b448cb3911c47a1cae16846d0265c98632a12e718ffe066f0f89bb1fc9e1d0fc921310aea896541c8e1f3e78eb6a92a5a29325841b551c43b28aa6726ffdff0ec0dd5a75df6e9ce25fde1d734e68eb90ce8cc09a783097412677aca35748aa4a5e0bb40f586ea43586cd72ac15c70d641a96b7518d008f2607f1f855d16b151e126bb1b2dda15ed593bb2a425669e3299900bed9c8282edfec2a793221dafabd1fce7d93c58bf976ae31f079b8d9eca8c23ae45b108a91fa82a5d023f7daf148abd3acf38fe37768755fe8c0aa139b0a9ccb50c3e9796a4eb6994a2457897d3ba49d7a371e43391e94172c7f975967b58690deea3dd17f90c82c82882e0098c89832a6dcbfefaf6c382f138100dff4b691255927a865e3a54d9546575cb66829e75d9977226ef3b1dd866d9d81c49b402b0d0812f190678aa0cfa714d4d02f79f0ebc4a8cc18225a5e39d6e103bb21565a4a84b5917e45abc7cf472010480aa039d09b762c11840273b426dc8c174f3c4fed301b0ea0e8a1eaa19af533c38dfa4a92fa4119b0a2589a523a2da493d4f65588b526fc470ba14d7ba5d96cef7b6f8ee8df0378f22c1307b75a23567ce82a8777cff6a67a17262d2c03b1c46e592cfba6fc9207cab84e6a22dc56b9af6a45258b93e17b2a13021a8b325252453591364a9800a6c5239e06b5be31aeae726c1441e68ab29cbd193f6c3e9e4215dca29739ab09f1e92b296393044dd328cbca17e39696a2b2ce9c16aa3abe56f08865267a80a266d66651c406951b2f71717bec37d47684a1b627fda676a40cd3db9360619def50a8a548610d459df9b8d53b86538b75e873f17fbdc796ed89077fe59f1583967a1b9af3c25c3c5995e9ce4d4158521b743280939c3ec3e0ce6d13d14f508be8a152bd76b1292a866fd669308d602715a6360464d340d49a1ba3a2a5c3b00e948599396b8f6afef432487039fc5f8357440033529aa46aa16c00b746264b8718554aaf9df39fc82988c1d263c3a30879a286e0c0406278adc1debd7cb0d73e7182da0fb6cd44cd98cc457ede91e5245028c5a51fb88fe7d01ca96b923a81d5ac06ac136b4b3fe5e7782ece9eed7b94bb9483e3adcf33b70c18c461679db4e7167a1a1b43ec0f6ad4d1f1fb2520873e6a1bd1151ceb1e3aeca49cad2609566ee2c9bdc04a4f1a261e0d748952244f4bdbb0d0497d64e39563ae82817d6e2d304b5597e039aec158a7cd7dbe110ae84d3c0c6db0d89908a3890ffe13b59aeadf747a67f45e29f9cc45a559ad3eee57738d8908ed6e36683dff668f505a1c5218e32dd880529eba31d8553cf9fce05865a002db34f12ad68b0f3c3cf8aa1a87c5af68c802b706b180f6b8ab3d0723665685b94dfc8a4f8e850bed16bc1cf6cdf4123a54ef8b227a802d4196c51305660e3ab89e7b4d32631e3a7837b50db760e89d4254e8bcc702a33e5d04c3f319fa787c261dd230975ee1ba45c15bba45ea1dac765cc25dc09b8a70ab731996e3319662409d2c35cf2e61cd2a0783217fb887e53f4f6f1bc2a95fe99b2708b167efd1218f76d6ffb67db87823da27109bdf593dc4dbf9ad007921789c6a5c9960f4b3d2fe2423f6d3d97fafa855e2e48b8b9ab40262bf84ef3e23c2fa8179ffed6f516426308fe20490add92980ed1da07c36c4262e514e7b8bf627b84bbad6bda7c7f1572f583e1a35a7baefd512891273eeefbb9ddef75d672010e8fa7a4a026ca339d1e96baee5da924f53cc8c8c67bf4ef7e876c4bda36a14f4e24647498d2dd3aa483eb9c2dbf714abc0e43c98c313fa93c3f1f9faa821574082f871a15d3ab82cad85a7735131a40f3f044afa3e9102ddc6c5bbc5d05f787a7c18251f6d4e53b023671d02c049494c4f58ffca7e21a3293c4043e97a9cb72e0298d615069418b0bae45f279baa896c92f6b933334d9be7cda2e2122fac652096e279049c208aedc1a889b8d0c7753a3d0dc1ea4e481b3dfd19681ff64eae5191937b137bb9f5b685177faaa32a1ad86fa7b783465c521b21e68adf0c2aaebb5db2e3015cfc47f7946fabb63200ff94ba39b928f3ede32d993758f70f62ed6538ade62d716fbffb4d7c76680ff0f0201f0cb01534e1e12da1d6478598b2104799010b6ad3db4cc800c5d4fb15e1598b743290539b96010172d881587d0ddf69d8cae12ce128b40d6ef8f314d13330838d8ba29c3922ea20e4b03cae34e2286cba7c1b7e508516cc2bc3500b54656b558138352bed51608e0512f23f8d40769ae3046bf5207c5c6bb7b79d864c98c73f65b7969d85ef316b05a391263a3ee8d66166e9c32dbbc9b205afe379611156baf1e2acbeeea9cd014a84065a546b3810bd46a4b52be4ba5bdb194f374e580bc85914c4eadc03af24f5f4334253f303b5ff68591f73277dd191f8e6414cc492d28574d37ed0a63a0cd38e0cbc2f53798c0f06d31a2db7b0d141bd3e2cd08f1295bb2b9261a90c13c25e0cf1559623c3fab188fcad748656176e21c84c26468b49d8861ebbe71a9f62f6521440771c0911c73f194dfb63976820cb16ab9e24c8bf3efb5403a0d0186fab4de0408bf144298e07c5b508dc6ccc1a505f2278c7217c3946f8732daf8cff32e070f365795a4d9bc871c259b10bb8bcced5ce3691ec477f2f9d3f192b00105da1b235a7a3e95a37d768e3d84e0bdef0bd26e257ee4e27eaac51285430899087c175b3d8e98bc2d327020a0d4259f0785796c6939db78779ad1112d6cf1de6ac2ef2c9d3f5861e613f39db8ee4b45a09451bdeecdd6f96bca89b9c6d0f0f4b84841b15edb1f539c50e796faf6b93fbb55d46ed83a49db699c0f1215238f5bdeab9dd346b7ed0b429363f0e2baeb298d9ddb7a47fb0fc2392691c4309d6a1880de8f0c476c4f1d8fcbb876ba83f0233d2a218565166b0b34b70581d3bde8120af79c2160e8b8a015d2518c56350cb65ec11b5e0417c2163263e1cfaa6ea0a0e9251d5e7d4991eca8d44a1dc5e6a679dc517db96e4cef4de703c1c0d685ac27e814e1752dc060bc502605c8e67cd287f1950c68378d82766d5da739216b26ef08f3d5b5bc4804b0893f61ab1bd7afca553d7ccca29343f1cfb0852ff6b7dd06f037a9714071a289a8be5a2418f233ac5ae39a54f629b34ebc5f7ccbfbac05fb9fd9a6b460dc5a3c10da67bc94826c104fb67fd7c27346ce72c61cd68097c7cde7fbbb7ab48cbb54b0d3e761d060c94c0c739f11b9c674739d8fe210b01cac3a89d1d101ba78366eb9beb888f6a87b84370f42a4d9919a7875dc03a6811d24be5c1df5e47b9caf2bfca2e8a75c4ecbfd2eded9692952111452cff86c1c177132972dd775c140566d2fc12eb91810d0168305a9dfc3e5fe2e7409bf098e6fddd6dffe96852a2edd0bc0d998a17710fc2e349a7e9a57794b54ab05673fd5e703cd3bcf9914284ccf1a57eab9f7c6e738e8950ee5fd422f60c844f9c7948513a7a3f95d4db22438381dad57cdaacb067268d2de948cdb5f351a7ca2914bb6c9f439877507f4ce34be56cc32eeba50dc69f4077148cc3345bfd9e6d5eced009d1b758d6612bd655b307301e3e7bdaaa636cf53616824b38f0432ef81e415cec13f330efca03c5111275a86902c9bfffb614dcfdb8ebfce9072a13943777e58e79c33cc78c0a17ff8e436c85c73fd9d3a5ce014318bcd1ec47818c80bb4fecbebaaaaa8ccb12021175e54a7b5bfda260841ffcf73a81f70d1038f93c0855e57832851f41312f04c12038dfa2d7f7a8c7f921a000083fb9c963a12c2c55a6b5f5f230626d0bcdf8210196126fd92bd75e29d618e562e9d2bea62017e39b964666687210db26c6247d31b089d8f178c7b2c8d83f57716bbfe138520206f18a330772e5b7db453c14c3b1c8641816a77c88950e6ce94de3e8251ab2cb4736b0f2576cc72e7dd26051437f54918488107c4af6871b20933b451a94c00248612de7487ad2706fcd2a8965619acf04aa6fd08016e9916a85097660460e4ba035c284704f701267690ef9c29cc827ca0ff0c01c5f8ebe94c508315c6c756fde533f394640844dbcfab4059da1928ecb06c845f9438b61e48dd6ae6958afbe38ac570f7d342cbd1a0746298a740bc4d4b487c06d2075f6037b7eb81e68a786afdd30197b13eef38f6e5fe984bc136b4ab6cb6ba2b5c51e4003ae53194246c301f6aaed5e714358f66cbf0de825791c3adf2d274367c0b27b6923048450290115c98a6fb59036c818bfc41eadc1e45f9b8108fb32ca662f6fb4faa3a9890c88ba8c03f5fcb578bb667a9068a516b03166e6a32f75e5e6180ccda693475003942e0dd071b6b5361ceffbb57ed8ac6fa57f131dde4e7f07f059a88ae08cb71964e82955cc6fd3af60f1e9c1fcb255b2c17a9bdac04b1f8ff736f42c3345b03b358688effa91d3a8552fc09b6de453ac939e4a2dd9acb345ba543f45fd05d0c09aad0c53a469fc846b3bf842f7c0ef0118c0f25c46c592012a65f6043f20a4979ffc5c9a163a306d3d820d837e4661d53d5ddfb703bf4915220c4c303c21064894268aa38a264d5051e96205bfd90e8cc21f0f991b717e7e3a837853cc1e111ea52490b49559c87711e39a7df424bd3fcbd91d725268e73036d058698d724eee10b532370eed633cc33b2dad1ba54fab7c51e663622fd2ce6e2e405d5f0ed53ea3ccfd2d1997f806c14ed2e223c507d9dc95a6d5834a8ef48d8e5bbba6a72aae7697095615512436d3459"}, @NL80211_ATTR_VENDOR_SUBCMD, @NL80211_ATTR_VENDOR_ID, @NL80211_ATTR_VENDOR_ID, @NL80211_ATTR_VENDOR_DATA={0x0, 0xc5, "29a51bfbda6f52af128eed8e85b05b5f2b465e504cc2176547f33a5778ec8ab5ea0afd5350cdce3bb439dfef0456eb33dcf3aa14e9386cc9645a4788364efd6cbe8dc51affd2cb665b8fef1f28a3edfeacbd1a3808d18fd543396d22cb041ddedc39503aaeed09ccdb1bf44dfb0107f1878bcb56e760f164f9e2b8841c9a1de4019e5f369ac6121c5cfbe8a8d62529c5cdc43dfa91926ed7647dacf952031ee4995ba28d770add9b4b2817cd6e980c65dfc02ad630cd3c1d3632bc4caed5e357487f17982fa24608168aa723a71e76683fe18ffa610068b1371571d3d527a59789b8a39f7aff488dfb7539698304966d7aeddd5cd8f959293ea299"}, @NL80211_ATTR_VENDOR_ID]}, 0x28}}, 0x0)
readv(r4, &(0x7f0000000040)=[{&(0x7f0000000100)=""/43, 0x2b}], 0x1)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r7, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r6, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:10:30 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 83)

[ 1857.274400]  ? io_submit_sqes+0x8610/0x8610
[ 1857.278944]  ? recalibrate_cpu_khz+0x10/0x10
[ 1857.279476]  ? ktime_get+0x158/0x1f0
[ 1857.279931]  ? setup_APIC_eilvt+0x2f0/0x2f0
[ 1857.280452]  ? clockevents_program_event+0x131/0x360
[ 1857.281068]  ? tick_program_event+0xa8/0x140
[ 1857.281600]  ? hrtimer_interrupt+0x771/0x9b0
[ 1857.282142]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1857.282792]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1857.283427]  do_syscall_64+0x33/0x40
[ 1857.283884]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1857.284502] RIP: 0033:0x7fb7d3ecdb19
[ 1857.284954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1857.287191] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1857.288113] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1857.288975] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1857.289837] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1857.290716] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1857.291577] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1857.297505] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1857.314816] FAULT_INJECTION: forcing a failure.
[ 1857.314816] name failslab, interval 1, probability 0, space 0, times 0
[ 1857.322943] CPU: 0 PID: 9697 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1857.323774] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1857.324781] Call Trace:
[ 1857.325116]  dump_stack+0x107/0x167
[ 1857.325564]  should_fail.cold+0x5/0xa
[ 1857.326034]  ? __kernfs_new_node+0xd4/0x860
[ 1857.326610]  should_failslab+0x5/0x20
[ 1857.327074]  kmem_cache_alloc+0x5b/0x310
[ 1857.327573]  __kernfs_new_node+0xd4/0x860
[ 1857.328082]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1857.328664]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1857.329253]  ? wait_for_completion_io+0x270/0x270
[ 1857.329841]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1857.330490]  kernfs_new_node+0x18d/0x250
[ 1857.330996]  __kernfs_create_file+0x51/0x350
[ 1857.331537]  sysfs_add_file_mode_ns+0x221/0x560
[ 1857.332111]  internal_create_group+0x324/0xb30
[ 1857.332673]  ? sysfs_remove_group+0x170/0x170
[ 1857.333221]  ? kernfs_add_one+0x124/0x4d0
[ 1857.333751]  ? kernfs_create_link+0x1b7/0x230
[ 1857.334308]  internal_create_groups.part.0+0x90/0x140
[ 1857.334958]  sysfs_create_groups+0x25/0x50
[ 1857.335479]  device_add+0x7a9/0x1c50
[ 1857.335938]  ? lockdep_init_map_type+0x2c7/0x780
[ 1857.336542]  ? devlink_add_symlinks+0x970/0x970
[ 1857.337148]  netdev_register_kobject+0x17a/0x3b0
[ 1857.337757]  register_netdevice+0xd6e/0x1480
[ 1857.338325]  ? netdev_change_features+0xb0/0xb0
[ 1857.338913]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1857.339451]  __tun_chr_ioctl+0x2156/0x3f60
[ 1857.339969]  ? lock_downgrade+0x6d0/0x6d0
[ 1857.340476]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1857.341069]  ? tun_chr_poll+0x700/0x700
[ 1857.341555]  ? wait_for_completion_io+0x270/0x270
[ 1857.342151]  ? selinux_file_ioctl+0xb6/0x270
[ 1857.342707]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1857.343259]  __x64_sys_ioctl+0x19a/0x210
[ 1857.343777]  do_syscall_64+0x33/0x40
[ 1857.344251]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1857.344874] RIP: 0033:0x7fc68ced6b19
[ 1857.345329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1857.347586] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1857.348515] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1857.349385] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1857.350259] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1857.351138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1857.352003] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:10:30 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 36)

[ 1857.417025] FAULT_INJECTION: forcing a failure.
[ 1857.417025] name failslab, interval 1, probability 0, space 0, times 0
[ 1857.418487] CPU: 1 PID: 9719 Comm: syz-executor.4 Not tainted 5.10.226 #1
20:10:30 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 84)

[ 1857.419324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1857.431263] Call Trace:
[ 1857.431593]  dump_stack+0x107/0x167
[ 1857.432037]  should_fail.cold+0x5/0xa
[ 1857.432503]  ? create_object.isra.0+0x3a/0xa20
[ 1857.433061]  should_failslab+0x5/0x20
[ 1857.433523]  kmem_cache_alloc+0x5b/0x310
[ 1857.434017]  ? mark_held_locks+0x9e/0xe0
[ 1857.434521]  create_object.isra.0+0x3a/0xa20
[ 1857.435059]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1857.435678]  kmem_cache_alloc_bulk+0x168/0x320
[ 1857.436239]  io_submit_sqes+0x6fe6/0x8610
[ 1857.436763]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1857.437366]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1857.437953]  ? lock_downgrade+0x6d0/0x6d0
[ 1857.438454]  ? find_held_lock+0x2c/0x110
[ 1857.438981]  ? io_submit_sqes+0x8610/0x8610
[ 1857.439513]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1857.440101]  ? wait_for_completion_io+0x270/0x270
[ 1857.440688]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1857.441250]  ? vfs_write+0x354/0xb10
[ 1857.441702]  ? fput_many+0x2f/0x1a0
[ 1857.442145]  ? ksys_write+0x1a9/0x260
[ 1857.442626]  ? __ia32_sys_read+0xb0/0xb0
[ 1857.443125]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1857.443760]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1857.444387]  do_syscall_64+0x33/0x40
[ 1857.444839]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1857.445459] RIP: 0033:0x7fb7d3ecdb19
[ 1857.445912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1857.448159] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1857.449080] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1857.449942] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1857.450824] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1857.451687] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1857.452550] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1857.531843] FAULT_INJECTION: forcing a failure.
[ 1857.531843] name failslab, interval 1, probability 0, space 0, times 0
[ 1857.533407] CPU: 0 PID: 9726 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1857.534237] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1857.535328] Call Trace:
[ 1857.535656]  dump_stack+0x107/0x167
[ 1857.536101]  should_fail.cold+0x5/0xa
[ 1857.536570]  ? __kernfs_new_node+0xd4/0x860
[ 1857.537097]  should_failslab+0x5/0x20
[ 1857.537559]  kmem_cache_alloc+0x5b/0x310
[ 1857.538057]  __kernfs_new_node+0xd4/0x860
[ 1857.538583]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1857.539168]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1857.539755]  ? wait_for_completion_io+0x270/0x270
[ 1857.540367]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1857.541035]  kernfs_new_node+0x18d/0x250
[ 1857.541534]  __kernfs_create_file+0x51/0x350
[ 1857.542069]  sysfs_add_file_mode_ns+0x221/0x560
[ 1857.542704]  internal_create_group+0x324/0xb30
[ 1857.543265]  ? sysfs_remove_group+0x170/0x170
[ 1857.543808]  ? kernfs_add_one+0x124/0x4d0
[ 1857.544316]  ? kernfs_create_link+0x1b7/0x230
[ 1857.544862]  internal_create_groups.part.0+0x90/0x140
[ 1857.545490]  sysfs_create_groups+0x25/0x50
[ 1857.546005]  device_add+0x7a9/0x1c50
[ 1857.546462]  ? lockdep_init_map_type+0x2c7/0x780
[ 1857.547090]  ? devlink_add_symlinks+0x970/0x970
[ 1857.547806]  netdev_register_kobject+0x17a/0x3b0
[ 1857.548393]  register_netdevice+0xd6e/0x1480
[ 1857.548930]  ? netdev_change_features+0xb0/0xb0
[ 1857.549497]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1857.550028]  __tun_chr_ioctl+0x2156/0x3f60
[ 1857.550571]  ? lock_downgrade+0x6d0/0x6d0
[ 1857.551076]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1857.551662]  ? tun_chr_poll+0x700/0x700
[ 1857.552147]  ? wait_for_completion_io+0x270/0x270
[ 1857.552746]  ? selinux_file_ioctl+0xb6/0x270
[ 1857.553286]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1857.553833]  __x64_sys_ioctl+0x19a/0x210
[ 1857.554329]  do_syscall_64+0x33/0x40
[ 1857.554854]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1857.555486] RIP: 0033:0x7f7955930b19
[ 1857.555940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1857.558165] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1857.559131] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1857.560002] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1857.560868] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1857.561734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1857.562622] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:10:44 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 19)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:10:44 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x6)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1870.954728] FAULT_INJECTION: forcing a failure.
[ 1870.954728] name failslab, interval 1, probability 0, space 0, times 0
[ 1870.956293] CPU: 1 PID: 9734 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1870.957125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1870.958127] Call Trace:
[ 1870.958455]  dump_stack+0x107/0x167
[ 1870.958899]  should_fail.cold+0x5/0xa
[ 1870.960055]  ? create_object.isra.0+0x3a/0xa20
[ 1870.961360]  should_failslab+0x5/0x20
[ 1870.962435]  kmem_cache_alloc+0x5b/0x310
[ 1870.963610]  create_object.isra.0+0x3a/0xa20
[ 1870.964858]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1870.966303]  kmem_cache_alloc_trace+0x151/0x320
[ 1870.967647]  tty_ldisc_get.part.0+0x70/0x180
[ 1870.968899]  tty_ldisc_init+0x15/0x90
[ 1870.969970]  alloc_tty_struct+0x119/0x8e0
[ 1870.971073]  ? __do_SAK+0x30/0x30
[ 1870.971498]  ? kasan_unpoison_shadow+0x33/0x50
[ 1870.972055]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1870.972674]  pty_unix98_install+0x1ab/0x980
[ 1870.973201]  ? pty_unthrottle+0x60/0x60
[ 1870.973682]  ? pty_open+0x310/0x310
[ 1870.974124]  tty_init_dev.part.0+0xa0/0x610
[ 1870.974650]  ? pty_open+0x310/0x310
[ 1870.975164]  tty_init_dev+0x5b/0x80
[ 1870.975608]  ptmx_open+0x116/0x370
[ 1870.976041]  ? pty_open+0x310/0x310
[ 1870.976482]  chrdev_open+0x268/0x6e0
[ 1870.976934]  ? __unregister_chrdev+0x110/0x110
[ 1870.977490]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1870.978060]  do_dentry_open+0x4b7/0x1090
[ 1870.978597]  ? __unregister_chrdev+0x110/0x110
[ 1870.979157]  ? may_open+0x1e4/0x400
[ 1870.979600]  path_openat+0x19ba/0x2770
[ 1870.980082]  ? path_lookupat+0x860/0x860
[ 1870.980581]  ? lock_acquire+0x197/0x470
[ 1870.991439]  ? find_held_lock+0x2c/0x110
[ 1870.991940]  do_filp_open+0x190/0x3e0
[ 1870.992401]  ? may_open_dev+0xf0/0xf0
[ 1870.992870]  ? do_raw_spin_lock+0x121/0x260
[ 1870.993394]  ? rwlock_bug.part.0+0x90/0x90
[ 1870.993912]  ? _raw_spin_unlock+0x1a/0x30
[ 1870.994415]  ? alloc_fd+0x2e7/0x670
[ 1870.994863]  do_sys_openat2+0x171/0x4d0
[ 1870.995370]  ? build_open_flags+0x6f0/0x6f0
[ 1870.995893]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1870.996481]  ? wait_for_completion_io+0x270/0x270
[ 1870.997076]  __x64_sys_openat+0x13f/0x1f0
[ 1870.997577]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1870.998090]  ? ksys_write+0x1a9/0x260
[ 1870.998558]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1870.999213]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1870.999839]  do_syscall_64+0x33/0x40
[ 1871.000312]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1871.000958] RIP: 0033:0x7f7574521b19
[ 1871.001412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1871.003662] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1871.004586] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1871.005451] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
20:10:44 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, 0x0, 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:10:44 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 85)

20:10:44 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
preadv(r0, &(0x7f0000000400)=[{&(0x7f0000000100)}, {&(0x7f0000000140)=""/23, 0x17}, {&(0x7f00000001c0)=""/253, 0xfd}, {&(0x7f0000000300)=""/87, 0x57}, {&(0x7f0000000380)=""/90, 0x5a}], 0x5, 0x2800, 0x5)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)={0x28, r5, 0x329, 0x0, 0x0, {{0x5}, {@void, @val={0x69}, @val={0xc}}}, [@NL80211_ATTR_VENDOR_SUBCMD, @NL80211_ATTR_VENDOR_ID, @NL80211_ATTR_VENDOR_ID, @NL80211_ATTR_VENDOR_DATA={0x0, 0xc5, "ef86d99f8a738f9bc1eff4449c1a3cf5884f6f3a4919b24912bc760428e53816c641e6f67c9079c1f2f52916d6ab84d556bf2b07cf5f319eaae3bff13cd0cfa48d2beac4ee39808a50525171151ef6be4b4ce783e807a69629cf02c5ea10825e24b541d1fafd8446f0e9800572517767fbc8fdc70156ed5ca5d726980e16fbf6a594e7dc717af0d99532c9c90dc955f715874d5cc1e98921aa2083c9b711b0f744f54b40411895e1df80af7fb964f0bb7cb641000a1322827d8a04c570c02ff85e95368f58ba59b53b9b107bd106b4aa9ebf827227374d827ae75ff40dbe9b756f5a1810b90dc2e3405b2ce9b46646ccb42d27bea4588b5baf49f767307c4c30d5cd73b6410683c73f0617e870a832c0b783be431f6b1330cf3706626df95067c7b8df83451dfa1a1581a2a4f0002a7f65f8a4f290c1d69200fa64de0a25da82bf3916586733e6eae78d52ad45ad0ea8e102b10b62b2b6b57b4a516e989b7f697762b9f3ce2e0a6b712f8536f98cea39cfa31f9b34bac2ba819b3d493169a6a002e6fb46ee1b017a3c95cb2dc61106c7f542f3b30f72fc2efb3f260511af858b0def5bb6e76e3d261faa96f3e6af4f252f7c136943187d65bf4b4d75b393183380cdd3e0a875c4a915b23575b89a76b2b9ee70ee56f69129cf991c499120ea59199437b228daf3fd8cff692059f2456ff5889fdb51add7297adb6fcd6786399b833a1d9744a38255ec269d14776497549796a4267d7eaaf2a99117c654fde549f2a03f427db2faa245b0d2fca57f17902a48b3ca67dd1c14aa57f4052e4b1bdacba2dbc7fa0267685a79f53ecefc04487aa3f9ab205d27981ab11f62bbdccafe2ebba23c7ff24e78a56f8fee89d49007b8e69d020d81771c27e833ad1b31a2b07bb59a9c2cad7cb4b0abb214f5b63ffd602eeecaa620baac5efb8607fd96b594f2df06e2ec8ffd4c814cb03b24086dd0d8f57343bd8e0467f521708103690d74da704e0d66c85f6d4e3f51c0c62afb14fb7d94d53796d169803b4b448cb3911c47a1cae16846d0265c98632a12e718ffe066f0f89bb1fc9e1d0fc921310aea896541c8e1f3e78eb6a92a5a29325841b551c43b28aa6726ffdff0ec0dd5a75df6e9ce25fde1d734e68eb90ce8cc09a783097412677aca35748aa4a5e0bb40f586ea43586cd72ac15c70d641a96b7518d008f2607f1f855d16b151e126bb1b2dda15ed593bb2a425669e3299900bed9c8282edfec2a793221dafabd1fce7d93c58bf976ae31f079b8d9eca8c23ae45b108a91fa82a5d023f7daf148abd3acf38fe37768755fe8c0aa139b0a9ccb50c3e9796a4eb6994a2457897d3ba49d7a371e43391e94172c7f975967b58690deea3dd17f90c82c82882e0098c89832a6dcbfefaf6c382f138100dff4b691255927a865e3a54d9546575cb66829e75d9977226ef3b1dd866d9d81c49b402b0d0812f190678aa0cfa714d4d02f79f0ebc4a8cc18225a5e39d6e103bb21565a4a84b5917e45abc7cf472010480aa039d09b762c11840273b426dc8c174f3c4fed301b0ea0e8a1eaa19af533c38dfa4a92fa4119b0a2589a523a2da493d4f65588b526fc470ba14d7ba5d96cef7b6f8ee8df0378f22c1307b75a23567ce82a8777cff6a67a17262d2c03b1c46e592cfba6fc9207cab84e6a22dc56b9af6a45258b93e17b2a13021a8b325252453591364a9800a6c5239e06b5be31aeae726c1441e68ab29cbd193f6c3e9e4215dca29739ab09f1e92b296393044dd328cbca17e39696a2b2ce9c16aa3abe56f08865267a80a266d66651c406951b2f71717bec37d47684a1b627fda676a40cd3db9360619def50a8a548610d459df9b8d53b86538b75e873f17fbdc796ed89077fe59f1583967a1b9af3c25c3c5995e9ce4d4158521b743280939c3ec3e0ce6d13d14f508be8a152bd76b1292a866fd669308d602715a6360464d340d49a1ba3a2a5c3b00e948599396b8f6afef432487039fc5f8357440033529aa46aa16c00b746264b8718554aaf9df39fc82988c1d263c3a30879a286e0c0406278adc1debd7cb0d73e7182da0fb6cd44cd98cc457ede91e5245028c5a51fb88fe7d01ca96b923a81d5ac06ac136b4b3fe5e7782ece9eed7b94bb9483e3adcf33b70c18c461679db4e7167a1a1b43ec0f6ad4d1f1fb2520873e6a1bd1151ceb1e3aeca49cad2609566ee2c9bdc04a4f1a261e0d748952244f4bdbb0d0497d64e39563ae82817d6e2d304b5597e039aec158a7cd7dbe110ae84d3c0c6db0d89908a3890ffe13b59aeadf747a67f45e29f9cc45a559ad3eee57738d8908ed6e36683dff668f505a1c5218e32dd880529eba31d8553cf9fce05865a002db34f12ad68b0f3c3cf8aa1a87c5af68c802b706b180f6b8ab3d0723665685b94dfc8a4f8e850bed16bc1cf6cdf4123a54ef8b227a802d4196c51305660e3ab89e7b4d32631e3a7837b50db760e89d4254e8bcc702a33e5d04c3f319fa787c261dd230975ee1ba45c15bba45ea1dac765cc25dc09b8a70ab731996e3319662409d2c35cf2e61cd2a0783217fb887e53f4f6f1bc2a95fe99b2708b167efd1218f76d6ffb67db87823da27109bdf593dc4dbf9ad007921789c6a5c9960f4b3d2fe2423f6d3d97fafa855e2e48b8b9ab40262bf84ef3e23c2fa8179ffed6f516426308fe20490add92980ed1da07c36c4262e514e7b8bf627b84bbad6bda7c7f1572f583e1a35a7baefd512891273eeefbb9ddef75d672010e8fa7a4a026ca339d1e96baee5da924f53cc8c8c67bf4ef7e876c4bda36a14f4e24647498d2dd3aa483eb9c2dbf714abc0e43c98c313fa93c3f1f9faa821574082f871a15d3ab82cad85a7735131a40f3f044afa3e9102ddc6c5bbc5d05f787a7c18251f6d4e53b023671d02c049494c4f58ffca7e21a3293c4043e97a9cb72e0298d615069418b0bae45f279baa896c92f6b933334d9be7cda2e2122fac652096e279049c208aedc1a889b8d0c7753a3d0dc1ea4e481b3dfd19681ff64eae5191937b137bb9f5b685177faaa32a1ad86fa7b783465c521b21e68adf0c2aaebb5db2e3015cfc47f7946fabb63200ff94ba39b928f3ede32d993758f70f62ed6538ade62d716fbffb4d7c76680ff0f0201f0cb01534e1e12da1d6478598b2104799010b6ad3db4cc800c5d4fb15e1598b743290539b96010172d881587d0ddf69d8cae12ce128b40d6ef8f314d13330838d8ba29c3922ea20e4b03cae34e2286cba7c1b7e508516cc2bc3500b54656b558138352bed51608e0512f23f8d40769ae3046bf5207c5c6bb7b79d864c98c73f65b7969d85ef316b05a391263a3ee8d66166e9c32dbbc9b205afe379611156baf1e2acbeeea9cd014a84065a546b3810bd46a4b52be4ba5bdb194f374e580bc85914c4eadc03af24f5f4334253f303b5ff68591f73277dd191f8e6414cc492d28574d37ed0a63a0cd38e0cbc2f53798c0f06d31a2db7b0d141bd3e2cd08f1295bb2b9261a90c13c25e0cf1559623c3fab188fcad748656176e21c84c26468b49d8861ebbe71a9f62f6521440771c0911c73f194dfb63976820cb16ab9e24c8bf3efb5403a0d0186fab4de0408bf144298e07c5b508dc6ccc1a505f2278c7217c3946f8732daf8cff32e070f365795a4d9bc871c259b10bb8bcced5ce3691ec477f2f9d3f192b00105da1b235a7a3e95a37d768e3d84e0bdef0bd26e257ee4e27eaac51285430899087c175b3d8e98bc2d327020a0d4259f0785796c6939db78779ad1112d6cf1de6ac2ef2c9d3f5861e613f39db8ee4b45a09451bdeecdd6f96bca89b9c6d0f0f4b84841b15edb1f539c50e796faf6b93fbb55d46ed83a49db699c0f1215238f5bdeab9dd346b7ed0b429363f0e2baeb298d9ddb7a47fb0fc2392691c4309d6a1880de8f0c476c4f1d8fcbb876ba83f0233d2a218565166b0b34b70581d3bde8120af79c2160e8b8a015d2518c56350cb65ec11b5e0417c2163263e1cfaa6ea0a0e9251d5e7d4991eca8d44a1dc5e6a679dc517db96e4cef4de703c1c0d685ac27e814e1752dc060bc502605c8e67cd287f1950c68378d82766d5da739216b26ef08f3d5b5bc4804b0893f61ab1bd7afca553d7ccca29343f1cfb0852ff6b7dd06f037a9714071a289a8be5a2418f233ac5ae39a54f629b34ebc5f7ccbfbac05fb9fd9a6b460dc5a3c10da67bc94826c104fb67fd7c27346ce72c61cd68097c7cde7fbbb7ab48cbb54b0d3e761d060c94c0c739f11b9c674739d8fe210b01cac3a89d1d101ba78366eb9beb888f6a87b84370f42a4d9919a7875dc03a6811d24be5c1df5e47b9caf2bfca2e8a75c4ecbfd2eded9692952111452cff86c1c177132972dd775c140566d2fc12eb91810d0168305a9dfc3e5fe2e7409bf098e6fddd6dffe96852a2edd0bc0d998a17710fc2e349a7e9a57794b54ab05673fd5e703cd3bcf9914284ccf1a57eab9f7c6e738e8950ee5fd422f60c844f9c7948513a7a3f95d4db22438381dad57cdaacb067268d2de948cdb5f351a7ca2914bb6c9f439877507f4ce34be56cc32eeba50dc69f4077148cc3345bfd9e6d5eced009d1b758d6612bd655b307301e3e7bdaaa636cf53616824b38f0432ef81e415cec13f330efca03c5111275a86902c9bfffb614dcfdb8ebfce9072a13943777e58e79c33cc78c0a17ff8e436c85c73fd9d3a5ce014318bcd1ec47818c80bb4fecbebaaaaa8ccb12021175e54a7b5bfda260841ffcf73a81f70d1038f93c0855e57832851f41312f04c12038dfa2d7f7a8c7f921a000083fb9c963a12c2c55a6b5f5f230626d0bcdf8210196126fd92bd75e29d618e562e9d2bea62017e39b964666687210db26c6247d31b089d8f178c7b2c8d83f57716bbfe138520206f18a330772e5b7db453c14c3b1c8641816a77c88950e6ce94de3e8251ab2cb4736b0f2576cc72e7dd26051437f54918488107c4af6871b20933b451a94c00248612de7487ad2706fcd2a8965619acf04aa6fd08016e9916a85097660460e4ba035c284704f701267690ef9c29cc827ca0ff0c01c5f8ebe94c508315c6c756fde533f394640844dbcfab4059da1928ecb06c845f9438b61e48dd6ae6958afbe38ac570f7d342cbd1a0746298a740bc4d4b487c06d2075f6037b7eb81e68a786afdd30197b13eef38f6e5fe984bc136b4ab6cb6ba2b5c51e4003ae53194246c301f6aaed5e714358f66cbf0de825791c3adf2d274367c0b27b6923048450290115c98a6fb59036c818bfc41eadc1e45f9b8108fb32ca662f6fb4faa3a9890c88ba8c03f5fcb578bb667a9068a516b03166e6a32f75e5e6180ccda693475003942e0dd071b6b5361ceffbb57ed8ac6fa57f131dde4e7f07f059a88ae08cb71964e82955cc6fd3af60f1e9c1fcb255b2c17a9bdac04b1f8ff736f42c3345b03b358688effa91d3a8552fc09b6de453ac939e4a2dd9acb345ba543f45fd05d0c09aad0c53a469fc846b3bf842f7c0ef0118c0f25c46c592012a65f6043f20a4979ffc5c9a163a306d3d820d837e4661d53d5ddfb703bf4915220c4c303c21064894268aa38a264d5051e96205bfd90e8cc21f0f991b717e7e3a837853cc1e111ea52490b49559c87711e39a7df424bd3fcbd91d725268e73036d058698d724eee10b532370eed633cc33b2dad1ba54fab7c51e663622fd2ce6e2e405d5f0ed53ea3ccfd2d1997f806c14ed2e223c507d9dc95a6d5834a8ef48d8e5bbba6a72aae7697095615512436d3459"}, @NL80211_ATTR_VENDOR_SUBCMD, @NL80211_ATTR_VENDOR_ID, @NL80211_ATTR_VENDOR_ID, @NL80211_ATTR_VENDOR_DATA={0x0, 0xc5, "29a51bfbda6f52af128eed8e85b05b5f2b465e504cc2176547f33a5778ec8ab5ea0afd5350cdce3bb439dfef0456eb33dcf3aa14e9386cc9645a4788364efd6cbe8dc51affd2cb665b8fef1f28a3edfeacbd1a3808d18fd543396d22cb041ddedc39503aaeed09ccdb1bf44dfb0107f1878bcb56e760f164f9e2b8841c9a1de4019e5f369ac6121c5cfbe8a8d62529c5cdc43dfa91926ed7647dacf952031ee4995ba28d770add9b4b2817cd6e980c65dfc02ad630cd3c1d3632bc4caed5e357487f17982fa24608168aa723a71e76683fe18ffa610068b1371571d3d527a59789b8a39f7aff488dfb7539698304966d7aeddd5cd8f959293ea299"}, @NL80211_ATTR_VENDOR_ID]}, 0x28}}, 0x0)
readv(r4, &(0x7f0000000040)=[{&(0x7f0000000100)=""/43, 0x2b}], 0x1)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r7, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r6, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:10:44 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 37)

20:10:44 executing program 1:
perf_event_open(&(0x7f0000000480)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x181001, 0xb8)

20:10:44 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 45)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1871.006317] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1871.007194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1871.008061] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1871.023358] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1871.067608] FAULT_INJECTION: forcing a failure.
[ 1871.067608] name failslab, interval 1, probability 0, space 0, times 0
[ 1871.068877] FAULT_INJECTION: forcing a failure.
[ 1871.068877] name failslab, interval 1, probability 0, space 0, times 0
[ 1871.069182] CPU: 1 PID: 9740 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1871.071286] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1871.072292] Call Trace:
[ 1871.072618]  dump_stack+0x107/0x167
[ 1871.073065]  should_fail.cold+0x5/0xa
[ 1871.073532]  ? create_object.isra.0+0x3a/0xa20
[ 1871.074116]  should_failslab+0x5/0x20
[ 1871.074601]  kmem_cache_alloc+0x5b/0x310
[ 1871.079145]  ? mark_held_locks+0x9e/0xe0
[ 1871.079642]  create_object.isra.0+0x3a/0xa20
[ 1871.080178]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1871.080796]  kmem_cache_alloc_bulk+0x168/0x320
[ 1871.081363]  io_submit_sqes+0x6fe6/0x8610
[ 1871.081887]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1871.082493]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1871.083100]  ? lock_downgrade+0x6d0/0x6d0
[ 1871.083602]  ? find_held_lock+0x2c/0x110
[ 1871.084102]  ? io_submit_sqes+0x8610/0x8610
[ 1871.084636]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1871.085226]  ? wait_for_completion_io+0x270/0x270
[ 1871.085814]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1871.086378]  ? vfs_write+0x354/0xb10
[ 1871.086830]  ? fput_many+0x2f/0x1a0
[ 1871.087287]  ? ksys_write+0x1a9/0x260
[ 1871.087750]  ? __ia32_sys_read+0xb0/0xb0
[ 1871.088249]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1871.088884]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1871.089513]  do_syscall_64+0x33/0x40
[ 1871.089966]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1871.090595] RIP: 0033:0x7fb7d3ecdb19
[ 1871.091072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1871.093295] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1871.094216] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1871.095091] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1871.095952] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1871.096814] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1871.097676] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1871.098564] CPU: 0 PID: 9745 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1871.099429] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1871.100438] Call Trace:
[ 1871.100768]  dump_stack+0x107/0x167
[ 1871.101230]  should_fail.cold+0x5/0xa
[ 1871.101699]  ? create_object.isra.0+0x3a/0xa20
[ 1871.102260]  should_failslab+0x5/0x20
[ 1871.102727]  kmem_cache_alloc+0x5b/0x310
[ 1871.103243]  create_object.isra.0+0x3a/0xa20
[ 1871.103779]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1871.104403]  kmem_cache_alloc+0x159/0x310
[ 1871.104916]  __kernfs_new_node+0xd4/0x860
[ 1871.105428]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1871.106013]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1871.106612]  ? wait_for_completion_io+0x270/0x270
[ 1871.107225]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1871.107871]  kernfs_new_node+0x18d/0x250
[ 1871.108372]  __kernfs_create_file+0x51/0x350
[ 1871.108913]  sysfs_add_file_mode_ns+0x221/0x560
[ 1871.109489]  internal_create_group+0x324/0xb30
[ 1871.110053]  ? sysfs_remove_group+0x170/0x170
[ 1871.110603]  ? kernfs_add_one+0x124/0x4d0
[ 1871.111126]  ? kernfs_create_link+0x1b7/0x230
[ 1871.111682]  internal_create_groups.part.0+0x90/0x140
[ 1871.112313]  sysfs_create_groups+0x25/0x50
[ 1871.112831]  device_add+0x7a9/0x1c50
[ 1871.113291]  ? lockdep_init_map_type+0x2c7/0x780
[ 1871.113867]  ? devlink_add_symlinks+0x970/0x970
[ 1871.114444]  netdev_register_kobject+0x17a/0x3b0
[ 1871.115041]  register_netdevice+0xd6e/0x1480
[ 1871.115587]  ? netdev_change_features+0xb0/0xb0
[ 1871.116158]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1871.116693]  __tun_chr_ioctl+0x2156/0x3f60
[ 1871.117224]  ? lock_downgrade+0x6d0/0x6d0
[ 1871.117731]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1871.118320]  ? tun_chr_poll+0x700/0x700
[ 1871.118812]  ? wait_for_completion_io+0x270/0x270
[ 1871.119423]  ? selinux_file_ioctl+0xb6/0x270
[ 1871.119965]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1871.120516]  __x64_sys_ioctl+0x19a/0x210
[ 1871.121013]  do_syscall_64+0x33/0x40
[ 1871.121474]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1871.122098] RIP: 0033:0x7f7955930b19
[ 1871.122554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1871.124797] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1871.125724] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1871.126591] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1871.127471] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1871.128336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1871.129204] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1871.156731] FAULT_INJECTION: forcing a failure.
[ 1871.156731] name failslab, interval 1, probability 0, space 0, times 0
[ 1871.158163] CPU: 0 PID: 9747 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1871.159012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1871.160054] Call Trace:
[ 1871.160383]  dump_stack+0x107/0x167
[ 1871.160830]  should_fail.cold+0x5/0xa
[ 1871.161299]  ? create_object.isra.0+0x3a/0xa20
[ 1871.161857]  should_failslab+0x5/0x20
[ 1871.162328]  kmem_cache_alloc+0x5b/0x310
[ 1871.162827]  create_object.isra.0+0x3a/0xa20
[ 1871.163381]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1871.164002]  kmem_cache_alloc+0x159/0x310
[ 1871.164515]  __kernfs_new_node+0xd4/0x860
[ 1871.165025]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1871.165608]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1871.166200]  ? wait_for_completion_io+0x270/0x270
[ 1871.166789]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1871.167447]  kernfs_new_node+0x18d/0x250
[ 1871.167945]  __kernfs_create_file+0x51/0x350
[ 1871.168485]  sysfs_add_file_mode_ns+0x221/0x560
[ 1871.169058]  internal_create_group+0x324/0xb30
[ 1871.169620]  ? sysfs_remove_group+0x170/0x170
[ 1871.170165]  ? kernfs_add_one+0x124/0x4d0
[ 1871.170674]  ? kernfs_create_link+0x1b7/0x230
[ 1871.171242]  internal_create_groups.part.0+0x90/0x140
[ 1871.171872]  sysfs_create_groups+0x25/0x50
[ 1871.172393]  device_add+0x7a9/0x1c50
[ 1871.172851]  ? lockdep_init_map_type+0x2c7/0x780
[ 1871.173429]  ? devlink_add_symlinks+0x970/0x970
[ 1871.174006]  netdev_register_kobject+0x17a/0x3b0
[ 1871.174587]  register_netdevice+0xd6e/0x1480
[ 1871.175139]  ? netdev_change_features+0xb0/0xb0
[ 1871.175710]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1871.176244]  __tun_chr_ioctl+0x2156/0x3f60
[ 1871.176762]  ? lock_downgrade+0x6d0/0x6d0
[ 1871.177269]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1871.177860]  ? tun_chr_poll+0x700/0x700
[ 1871.178347]  ? wait_for_completion_io+0x270/0x270
[ 1871.178943]  ? selinux_file_ioctl+0xb6/0x270
[ 1871.179497]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1871.180046]  __x64_sys_ioctl+0x19a/0x210
[ 1871.180549]  do_syscall_64+0x33/0x40
[ 1871.181003]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1871.181628] RIP: 0033:0x7fc68ced6b19
[ 1871.182082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1871.184331] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1871.185258] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1871.186124] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1871.187005] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1871.187877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1871.188744] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:10:44 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
ioctl$sock_inet_SIOCDARP(r3, 0x8953, &(0x7f0000000100)={{0x2, 0x4e20, @broadcast}, {0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x24, {0x2, 0x9, @rand_addr=0x64010101}, 'macvlan1\x00'})
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000000, 0x20010, r0, 0x10000000)
r7 = syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0xfff, 0x8, &(0x7f00000007c0)=[{&(0x7f0000000240)="9788991c295961b7e5a49163433cb112806c0450d32e4590091bcb6ebc9d05d08922ab99e0dbac26b83b96b7eb10128e7f6718634cbb3df4f20afae9687b", 0x3e, 0x1}, {&(0x7f0000000300)="08219dcf693a9b4a2deb61e29fba60d448bd4c801aba84a2b4cecb19a30ac473bdb16d8b2de9de6776dd056afdfe066aa688486db9c6dda7cad6f344aca369716aa4740f14966d67f06b1411b480cdd06a521d4e7eccbaf9b717e432964347a8b87d760f5281", 0x66, 0x80000001}, {&(0x7f0000000380)="f11a5ede7ac84d3d4d160ad4212b8b7a00824ac38d470d31cbec24ad8f563efe1d7b04ac76bcb261210a4fb3d338e917e36672c77397929687ada6fd1365732dbb4aff99c5d08f035dde0047073afca15fc90d30828a9dd211cbc9bce13584645970f1db167ed18bc51aaa01d0ebd5ceffa6dd722505ca74f6457e5cbf029eae88a0bd02cff0eafe63b37f2d0edd8b3db8b000d76b35e1faf647e3bf301bdec7185d9d3c60d8b96d4fbecec4d6acc74b946032039b5e8ea1430e07224f", 0xbd, 0x81}, {&(0x7f0000000280)="ba3b413eaaa8d46c4e19947e9f4efdf97859440bd6e2143a2099937751046f90a6ed730f22a1bfd88afb", 0x2a, 0xff}, {&(0x7f0000000500)="fb4271543e1ba47295eaae121da7d642b7d3296872c041980a1a2bcbda24b5c412d0da146d560f993131ca386b1c15ebe7fa51fb7f67854838d181a0bc8a8550dcc769a5a5575f8f7e5b50e62833875fa6ce8bd01663236c80008fd53b937245643f66ed8763489c57ab4ab0fbdcd15593152ecc2271f32cbc3c3ed9439d312961b659c3343674dc5a14ffeb40b4c392b5a08051b45934c8940c436812edfbc640e03de066fe7191cfb3a54c010b2b09a6867a48ca380721791483e0f13cfcaa00d04e31dafc9a7adaf03c1f67cd4a3f48df9044fbe8f626d9f4476a2ee2a54b54cd2a10eccf9ad4d2729258f7e2e1d4df5d4f06174487a2b41520", 0xfb, 0x40}, {&(0x7f0000000600)="79385f4355b2d636f610cc87c9c75c155f028f61230375dbfcfc0f4d1fbc3d2766782be8205388e491b8cc7f9a051487b7d7c7793da540decfd9840657fc0b057b", 0x41, 0xffffffff00000001}, {&(0x7f0000000680)="3c67c0fa00e9ec00170cf46aa2678ab9ca812f93ba71d3543ecb5f7a582278e18850396191790263cae61b3891bd2da8be7941a5850b218f6f3168b3fb8ca4bf3c78148991ad4c19da4f2188967dd63b7039b2b4e6c4e1147fc82ed213f7154ad9c787e778dd085d3b9eff3530e9d41cf6d26368b0cc2e927812552a01b17c01175402", 0x83, 0x2}, {&(0x7f0000000740)="4c1541e9dbc390bda49f92e3a97196e4dbc437542c4558ca81db079b2a884bd4a9ddc839f2d928b79e8d6ae4de5ce440f075f827177cafea2348b108c5cdbf76594e35c49853da8eec16ab2baa305df0539aa095373d4e", 0x57, 0xfffffffffffffffe}], 0xf400, &(0x7f0000000880)={[{@cruft}, {@utf8}, {@nocompress}, {@uid}, {@unhide}, {@overriderock}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'cp866'}}, {@gid}, {@check_strict}], [{@uid_eq={'uid', 0x3d, 0xee01}}, {@hash}, {@audit}, {@subj_user={'subj_user', 0x3d, ')'}}]})
r8 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r11}}, 0x0)
syz_io_uring_submit(r4, r6, &(0x7f0000000a40)=@IORING_OP_WRITEV={0x2, 0x4, 0x2004, @fd=r7, 0x10000, &(0x7f0000000a00)=[{&(0x7f0000000440)="90b8cb3c24ec9169c841b2096f8511f49b04e2ba2ee90cdb", 0x18}, {&(0x7f0000000940)="07b1ca0536e23fc483cb49e84d957f58040da66a5baf192d756fdc25a4b5e6e8b0300dbb2ab00c01308a21c05a4eb4512e6d9fe3a663cdadc6d66f7a855655573756f5ad6e78303ef553ec177206a32743d62550f38538086242050dbb57fe7af6ded365fb7faf32e758a3ebffd6f8c3d1673524c17d80385423aea23fa8afb278b5020fd79cba1e31119321d0095237bec9823a83911b22d87d790f54df1c", 0x9f}], 0x2, 0x13, 0x1, {0x0, r11}}, 0x8)
syz_io_uring_submit(r5, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:10:44 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 20)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:10:44 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x7)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:10:44 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 38)

20:10:44 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 46)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1871.309594] FAULT_INJECTION: forcing a failure.
[ 1871.309594] name failslab, interval 1, probability 0, space 0, times 0
[ 1871.313687] FAULT_INJECTION: forcing a failure.
[ 1871.313687] name failslab, interval 1, probability 0, space 0, times 0
[ 1871.317094] CPU: 1 PID: 9759 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1871.323158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1871.324168] Call Trace:
[ 1871.324496]  dump_stack+0x107/0x167
[ 1871.324952]  should_fail.cold+0x5/0xa
[ 1871.325424]  ? __get_vm_area_node+0xd4/0x340
[ 1871.325968]  should_failslab+0x5/0x20
[ 1871.326433]  kmem_cache_alloc_node_trace+0x59/0x340
[ 1871.327066]  __get_vm_area_node+0xd4/0x340
[ 1871.327584]  __vmalloc_node_range+0x13f/0x9e0
[ 1871.328139]  ? n_tty_open+0x16/0x170
[ 1871.328590]  ? n_tty_open+0x16/0x170
[ 1871.329055]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1871.329664]  ? __vmalloc_node+0x110/0x110
[ 1871.330176]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1871.330791]  ? n_tty_open+0x16/0x170
[ 1871.331255]  __vmalloc_node+0xb5/0x110
[ 1871.331727]  ? n_tty_open+0x16/0x170
[ 1871.332184]  n_tty_open+0x16/0x170
[ 1871.332616]  ? n_tty_set_termios+0x1010/0x1010
[ 1871.333171]  tty_ldisc_open+0xa2/0x120
[ 1871.333644]  tty_ldisc_setup+0x43/0x100
[ 1871.334130]  tty_init_dev.part.0+0x1fa/0x610
[ 1871.334666]  ? pty_open+0x310/0x310
[ 1871.335121]  tty_init_dev+0x5b/0x80
[ 1871.335564]  ptmx_open+0x116/0x370
[ 1871.335999]  ? pty_open+0x310/0x310
[ 1871.336442]  chrdev_open+0x268/0x6e0
[ 1871.336904]  ? __unregister_chrdev+0x110/0x110
[ 1871.337487]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1871.338088]  do_dentry_open+0x4b7/0x1090
[ 1871.338603]  ? __unregister_chrdev+0x110/0x110
[ 1871.339199]  ? may_open+0x1e4/0x400
[ 1871.339642]  path_openat+0x19ba/0x2770
[ 1871.340125]  ? path_lookupat+0x860/0x860
[ 1871.340621]  ? lock_acquire+0x197/0x470
[ 1871.341105]  ? find_held_lock+0x2c/0x110
[ 1871.341606]  do_filp_open+0x190/0x3e0
[ 1871.342069]  ? may_open_dev+0xf0/0xf0
[ 1871.342540]  ? do_raw_spin_lock+0x121/0x260
[ 1871.343076]  ? rwlock_bug.part.0+0x90/0x90
[ 1871.343596]  ? _raw_spin_unlock+0x1a/0x30
[ 1871.344100]  ? alloc_fd+0x2e7/0x670
[ 1871.344550]  do_sys_openat2+0x171/0x4d0
[ 1871.345036]  ? build_open_flags+0x6f0/0x6f0
[ 1871.345560]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1871.346150]  ? wait_for_completion_io+0x270/0x270
[ 1871.346738]  __x64_sys_openat+0x13f/0x1f0
[ 1871.347260]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1871.347771]  ? ksys_write+0x1a9/0x260
[ 1871.348242]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1871.348905]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1871.349563]  do_syscall_64+0x33/0x40
[ 1871.350037]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1871.350685] RIP: 0033:0x7f7574521b19
[ 1871.355177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1871.357401] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1871.358321] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1871.359206] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1871.360071] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1871.360932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1871.361802] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1871.362690] CPU: 0 PID: 9758 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1871.362795] syz-executor.7: vmalloc: allocation failure: 9120 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[ 1871.363552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1871.363557] Call Trace:
[ 1871.363578]  dump_stack+0x107/0x167
[ 1871.363594]  should_fail.cold+0x5/0xa
[ 1871.364918] ,cpuset=
[ 1871.365894]  ? create_object.isra.0+0x3a/0xa20
[ 1871.365913]  should_failslab+0x5/0x20
[ 1871.366289] syz7
[ 1871.366658]  kmem_cache_alloc+0x5b/0x310
[ 1871.366675]  ? mark_held_locks+0x9e/0xe0
[ 1871.367164] ,mems_allowed=0
[ 1871.367430]  create_object.isra.0+0x3a/0xa20
[ 1871.367448]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1871.368050] 
[ 1871.368453]  kmem_cache_alloc_bulk+0x168/0x320
[ 1871.371900]  io_submit_sqes+0x6fe6/0x8610
[ 1871.372424]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1871.373036]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1871.373657]  ? lock_downgrade+0x6d0/0x6d0
[ 1871.374161]  ? find_held_lock+0x2c/0x110
[ 1871.374658]  ? io_submit_sqes+0x8610/0x8610
[ 1871.375199]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1871.375788]  ? wait_for_completion_io+0x270/0x270
[ 1871.376379]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1871.376943]  ? vfs_write+0x354/0xb10
[ 1871.377399]  ? fput_many+0x2f/0x1a0
[ 1871.377842]  ? ksys_write+0x1a9/0x260
[ 1871.378309]  ? __ia32_sys_read+0xb0/0xb0
[ 1871.378806]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1871.379510]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1871.380144]  do_syscall_64+0x33/0x40
[ 1871.380599]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1871.381224] RIP: 0033:0x7fb7d3ecdb19
[ 1871.381677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1871.383991] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1871.385036] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1871.386014] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1871.386995] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1871.387973] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1871.388946] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
[ 1871.389913] CPU: 1 PID: 9759 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1871.390770] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
20:10:44 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 86)

[ 1871.391894] Call Trace:
[ 1871.399160]  dump_stack+0x107/0x167
[ 1871.399607]  warn_alloc.cold+0x95/0x18a
[ 1871.400091]  ? zone_watermark_ok_safe+0x260/0x260
[ 1871.400678]  ? __get_vm_area_node+0xd4/0x340
[ 1871.401215]  ? __kasan_kmalloc.constprop.0+0xa2/0xd0
[ 1871.401832]  ? __get_vm_area_node+0x262/0x340
[ 1871.402380]  __vmalloc_node_range+0x58f/0x9e0
[ 1871.402926]  ? n_tty_open+0x16/0x170
[ 1871.403402]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1871.404010]  ? __vmalloc_node+0x110/0x110
[ 1871.404521]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1871.405130]  ? n_tty_open+0x16/0x170
[ 1871.405587]  __vmalloc_node+0xb5/0x110
[ 1871.406059]  ? n_tty_open+0x16/0x170
[ 1871.406518]  n_tty_open+0x16/0x170
[ 1871.406948]  ? n_tty_set_termios+0x1010/0x1010
[ 1871.411524]  tty_ldisc_open+0xa2/0x120
[ 1871.411998]  tty_ldisc_setup+0x43/0x100
[ 1871.412478]  tty_init_dev.part.0+0x1fa/0x610
[ 1871.413017]  ? pty_open+0x310/0x310
[ 1871.413463]  tty_init_dev+0x5b/0x80
[ 1871.413908]  ptmx_open+0x116/0x370
[ 1871.414351]  ? pty_open+0x310/0x310
[ 1871.414790]  chrdev_open+0x268/0x6e0
[ 1871.423239]  ? __unregister_chrdev+0x110/0x110
[ 1871.423802]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1871.424380]  do_dentry_open+0x4b7/0x1090
[ 1871.424872]  ? __unregister_chrdev+0x110/0x110
[ 1871.425430]  ? may_open+0x1e4/0x400
[ 1871.425872]  path_openat+0x19ba/0x2770
[ 1871.426360]  ? path_lookupat+0x860/0x860
[ 1871.426853]  ? lock_acquire+0x197/0x470
[ 1871.431355]  ? find_held_lock+0x2c/0x110
[ 1871.431856]  do_filp_open+0x190/0x3e0
[ 1871.432316]  ? may_open_dev+0xf0/0xf0
[ 1871.432787]  ? do_raw_spin_lock+0x121/0x260
[ 1871.433309]  ? rwlock_bug.part.0+0x90/0x90
[ 1871.433836]  ? _raw_spin_unlock+0x1a/0x30
[ 1871.434343]  ? alloc_fd+0x2e7/0x670
[ 1871.434791]  do_sys_openat2+0x171/0x4d0
[ 1871.443295]  ? build_open_flags+0x6f0/0x6f0
[ 1871.443818]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1871.444404]  ? wait_for_completion_io+0x270/0x270
[ 1871.444994]  __x64_sys_openat+0x13f/0x1f0
[ 1871.445495]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1871.446006]  ? ksys_write+0x1a9/0x260
[ 1871.446472]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1871.447122]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1871.447747]  do_syscall_64+0x33/0x40
[ 1871.448200]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1871.448818] RIP: 0033:0x7f7574521b19
[ 1871.449269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1871.455512] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1871.456431] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1871.457292] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1871.458153] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1871.463037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1871.463899] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1871.464827] Mem-Info:
[ 1871.465243] active_anon:55 inactive_anon:53463 isolated_anon:0
[ 1871.465243]  active_file:15079 inactive_file:72958 isolated_file:0
[ 1871.465243]  unevictable:0 dirty:673 writeback:0
[ 1871.465243]  slab_reclaimable:8958 slab_unreclaimable:63875
[ 1871.465243]  mapped:82297 shmem:662 pagetables:1531 bounce:0
[ 1871.465243]  free:91919 free_pcp:343 free_cma:0
[ 1871.473143] Node 0 active_anon:220kB inactive_anon:213852kB active_file:60316kB inactive_file:291832kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:329188kB dirty:2692kB writeback:0kB shmem:2648kB writeback_tmp:0kB kernel_stack:4448kB all_unreclaimable? no
[ 1871.484096] Node 0 DMA free:15908kB min:48kB low:60kB high:72kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1871.487362] lowmem_reserve[]: 0 1616 1616 1616
[ 1871.487985] Node 0 DMA32 free:351856kB min:5116kB low:6768kB high:8420kB reserved_highatomic:0KB active_anon:220kB inactive_anon:213852kB active_file:60316kB inactive_file:291832kB unevictable:0kB writepending:2644kB present:2080640kB managed:1660468kB mlocked:0kB pagetables:6124kB bounce:0kB free_pcp:1552kB local_pcp:844kB free_cma:0kB
[ 1871.491678] lowmem_reserve[]: 0 0 0 0
[ 1871.492247] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1871.494056] Node 0 DMA32: 666*4kB (UM) 731*8kB (UM) 211*16kB (UME) 148*32kB (UME) 139*64kB (UME) 101*128kB (UME) 56*256kB (UM) 38*512kB (UME) 25*1024kB (U) 18*2048kB (UM) 53*4096kB (UM) = 351792kB
[ 1871.496408] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1871.497497] 30417 total pagecache pages
[ 1871.498063] 0 pages in swap cache
[ 1871.498482] Swap cache stats: add 0, delete 0, find 0/0
[ 1871.507199] Free swap  = 0kB
[ 1871.507618] Total swap = 0kB
[ 1871.508025] 524158 pages RAM
[ 1871.508431] 0 pages HighMem/MovableOnly
[ 1871.508915] 105064 pages reserved
[ 1871.509397] ptm ptm0: ldisc open failed (-12), clearing slot 0
20:10:44 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 39)

20:10:44 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000002a40)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x6, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x18}, 0x1)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r7}}, 0x1)

[ 1871.538718] FAULT_INJECTION: forcing a failure.
[ 1871.538718] name failslab, interval 1, probability 0, space 0, times 0
[ 1871.544290] CPU: 1 PID: 9765 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1871.545130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1871.546135] Call Trace:
[ 1871.546459]  dump_stack+0x107/0x167
[ 1871.546906]  should_fail.cold+0x5/0xa
[ 1871.551397]  ? __kernfs_new_node+0xd4/0x860
[ 1871.551923]  should_failslab+0x5/0x20
[ 1871.552386]  kmem_cache_alloc+0x5b/0x310
[ 1871.552882]  __kernfs_new_node+0xd4/0x860
[ 1871.553391]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1871.553971]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1871.554559]  ? wait_for_completion_io+0x270/0x270
[ 1871.555166]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1871.555808]  kernfs_new_node+0x18d/0x250
[ 1871.556304]  __kernfs_create_file+0x51/0x350
[ 1871.556841]  sysfs_add_file_mode_ns+0x221/0x560
[ 1871.557411]  internal_create_group+0x324/0xb30
[ 1871.557971]  ? sysfs_remove_group+0x170/0x170
[ 1871.558519]  ? kernfs_add_one+0x124/0x4d0
[ 1871.559042]  ? kernfs_create_link+0x1b7/0x230
[ 1871.559590]  internal_create_groups.part.0+0x90/0x140
[ 1871.560218]  sysfs_create_groups+0x25/0x50
[ 1871.560731]  device_add+0x7a9/0x1c50
[ 1871.561188]  ? lockdep_init_map_type+0x2c7/0x780
[ 1871.561762]  ? devlink_add_symlinks+0x970/0x970
[ 1871.562336]  netdev_register_kobject+0x17a/0x3b0
[ 1871.562912]  register_netdevice+0xd6e/0x1480
[ 1871.563462]  ? netdev_change_features+0xb0/0xb0
[ 1871.564034]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1871.564567]  __tun_chr_ioctl+0x2156/0x3f60
[ 1871.565082]  ? lock_downgrade+0x6d0/0x6d0
[ 1871.565587]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1871.566171]  ? tun_chr_poll+0x700/0x700
[ 1871.566656]  ? wait_for_completion_io+0x270/0x270
[ 1871.567259]  ? selinux_file_ioctl+0xb6/0x270
[ 1871.567798]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1871.568346]  __x64_sys_ioctl+0x19a/0x210
[ 1871.568840]  do_syscall_64+0x33/0x40
[ 1871.569293]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1871.569914] RIP: 0033:0x7f7955930b19
[ 1871.570367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1871.572593] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1871.573516] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1871.574380] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1871.575256] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1871.576121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1871.576986] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1871.602829] FAULT_INJECTION: forcing a failure.
[ 1871.602829] name failslab, interval 1, probability 0, space 0, times 0
[ 1871.608461] CPU: 1 PID: 9766 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1871.609299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1871.610311] Call Trace:
[ 1871.610639]  dump_stack+0x107/0x167
[ 1871.614107] FAULT_INJECTION: forcing a failure.
[ 1871.614107] name failslab, interval 1, probability 0, space 0, times 0
[ 1871.615112]  should_fail.cold+0x5/0xa
[ 1871.615131]  ? __kernfs_new_node+0xd4/0x860
[ 1871.615157]  should_failslab+0x5/0x20
[ 1871.617910]  kmem_cache_alloc+0x5b/0x310
[ 1871.618414]  __kernfs_new_node+0xd4/0x860
[ 1871.618920]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1871.623528]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1871.624119]  ? wait_for_completion_io+0x270/0x270
[ 1871.624710]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1871.625353]  kernfs_new_node+0x18d/0x250
[ 1871.625851]  __kernfs_create_file+0x51/0x350
[ 1871.626390]  sysfs_add_file_mode_ns+0x221/0x560
[ 1871.626960]  internal_create_group+0x324/0xb30
[ 1871.627533]  ? sysfs_remove_group+0x170/0x170
[ 1871.628076]  ? kernfs_add_one+0x124/0x4d0
[ 1871.628581]  ? kernfs_create_link+0x1b7/0x230
[ 1871.629126]  internal_create_groups.part.0+0x90/0x140
[ 1871.629751]  sysfs_create_groups+0x25/0x50
[ 1871.630269]  device_add+0x7a9/0x1c50
[ 1871.630744]  ? lockdep_init_map_type+0x2c7/0x780
[ 1871.631333]  ? devlink_add_symlinks+0x970/0x970
[ 1871.631904]  netdev_register_kobject+0x17a/0x3b0
[ 1871.632483]  register_netdevice+0xd6e/0x1480
[ 1871.633021]  ? netdev_change_features+0xb0/0xb0
[ 1871.633588]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1871.634119]  __tun_chr_ioctl+0x2156/0x3f60
[ 1871.634634]  ? lock_downgrade+0x6d0/0x6d0
[ 1871.635150]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1871.635734]  ? tun_chr_poll+0x700/0x700
[ 1871.636219]  ? wait_for_completion_io+0x270/0x270
[ 1871.636809]  ? selinux_file_ioctl+0xb6/0x270
[ 1871.637348]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1871.637892]  __x64_sys_ioctl+0x19a/0x210
[ 1871.638391]  do_syscall_64+0x33/0x40
[ 1871.638842]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1871.639485] RIP: 0033:0x7fc68ced6b19
[ 1871.639967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1871.642304] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1871.643286] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1871.644160] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1871.645032] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1871.645897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1871.646763] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1871.651659] CPU: 0 PID: 9773 Comm: syz-executor.4 Not tainted 5.10.226 #1
[ 1871.652507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1871.653509] Call Trace:
[ 1871.653837]  dump_stack+0x107/0x167
[ 1871.654280]  should_fail.cold+0x5/0xa
[ 1871.654748]  ? create_object.isra.0+0x3a/0xa20
[ 1871.655326]  should_failslab+0x5/0x20
[ 1871.655789]  kmem_cache_alloc+0x5b/0x310
[ 1871.656290]  ? mark_held_locks+0x9e/0xe0
[ 1871.656789]  create_object.isra.0+0x3a/0xa20
[ 1871.657329]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1871.657946]  kmem_cache_alloc_bulk+0x168/0x320
[ 1871.658509]  io_submit_sqes+0x6fe6/0x8610
[ 1871.659036]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1871.659645]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1871.660238]  ? lock_downgrade+0x6d0/0x6d0
[ 1871.660744]  ? find_held_lock+0x2c/0x110
[ 1871.661247]  ? io_submit_sqes+0x8610/0x8610
[ 1871.661777]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1871.662366]  ? wait_for_completion_io+0x270/0x270
[ 1871.662953]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1871.663530]  ? vfs_write+0x354/0xb10
[ 1871.663982]  ? fput_many+0x2f/0x1a0
[ 1871.664426]  ? ksys_write+0x1a9/0x260
[ 1871.664887]  ? __ia32_sys_read+0xb0/0xb0
[ 1871.665385]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1871.666020]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1871.666646]  do_syscall_64+0x33/0x40
[ 1871.667124]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1871.667748] RIP: 0033:0x7fb7d3ecdb19
[ 1871.668200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1871.670506] RSP: 002b:00007fb7d1443188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1871.671462] RAX: ffffffffffffffda RBX: 00007fb7d3fe0f60 RCX: 00007fb7d3ecdb19
[ 1871.672324] RDX: 0000000000000002 RSI: 00000000008058ab RDI: 0000000000000005
[ 1871.673186] RBP: 00007fb7d14431d0 R08: 0000000000000000 R09: 0000000000000000
[ 1871.674051] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 1871.674912] R13: 00007ffd113c06df R14: 00007fb7d1443300 R15: 0000000000022000
20:10:45 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 87)

[ 1871.717658] FAULT_INJECTION: forcing a failure.
[ 1871.717658] name failslab, interval 1, probability 0, space 0, times 0
[ 1871.719239] CPU: 0 PID: 9778 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1871.720071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1871.721074] Call Trace:
[ 1871.721405]  dump_stack+0x107/0x167
[ 1871.721851]  should_fail.cold+0x5/0xa
[ 1871.722320]  ? create_object.isra.0+0x3a/0xa20
[ 1871.722877]  should_failslab+0x5/0x20
[ 1871.723395]  kmem_cache_alloc+0x5b/0x310
[ 1871.723895]  create_object.isra.0+0x3a/0xa20
[ 1871.724435]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1871.725067]  kmem_cache_alloc+0x159/0x310
[ 1871.725579]  __kernfs_new_node+0xd4/0x860
[ 1871.726102]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1871.726684]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1871.727294]  ? wait_for_completion_io+0x270/0x270
[ 1871.727894]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1871.728540]  kernfs_new_node+0x18d/0x250
[ 1871.729048]  __kernfs_create_file+0x51/0x350
[ 1871.729585]  sysfs_add_file_mode_ns+0x221/0x560
[ 1871.730166]  internal_create_group+0x324/0xb30
[ 1871.730727]  ? sysfs_remove_group+0x170/0x170
[ 1871.731294]  ? kernfs_add_one+0x124/0x4d0
[ 1871.731831]  ? kernfs_create_link+0x1b7/0x230
[ 1871.732413]  internal_create_groups.part.0+0x90/0x140
[ 1871.733078]  sysfs_create_groups+0x25/0x50
[ 1871.733621]  device_add+0x7a9/0x1c50
[ 1871.734109]  ? lockdep_init_map_type+0x2c7/0x780
[ 1871.734708]  ? devlink_add_symlinks+0x970/0x970
[ 1871.735310]  netdev_register_kobject+0x17a/0x3b0
[ 1871.735903]  register_netdevice+0xd6e/0x1480
[ 1871.736465]  ? netdev_change_features+0xb0/0xb0
[ 1871.737068]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1871.737622]  __tun_chr_ioctl+0x2156/0x3f60
[ 1871.738171]  ? lock_downgrade+0x6d0/0x6d0
[ 1871.738697]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1871.739297]  ? tun_chr_poll+0x700/0x700
[ 1871.739785]  ? wait_for_completion_io+0x270/0x270
[ 1871.740383]  ? selinux_file_ioctl+0xb6/0x270
[ 1871.740943]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1871.741490]  __x64_sys_ioctl+0x19a/0x210
[ 1871.741983]  do_syscall_64+0x33/0x40
[ 1871.742435]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1871.743067] RIP: 0033:0x7f7955930b19
[ 1871.743522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1871.745744] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1871.746667] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1871.747580] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1871.748451] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1871.749315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1871.750184] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:10:45 executing program 0:
unlinkat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(0x0, 0x248803, 0x0)
mkdirat(r1, &(0x7f0000000200)='./file0\x00', 0x86)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/icmp\x00')
pread64(r1, &(0x7f0000000240)=""/67, 0x43, 0x200000048)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x6, 0x7c, 0x3, 0x7, 0x0, 0x40000000401, 0x48000, 0x11, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x7, @perf_bp, 0x2040, 0x5, 0x3ff, 0x2, 0x1, 0x8, 0x1, 0x0, 0x3000, 0x0, 0x4e77}, 0x0, 0x9, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x9, 0x7, 0x7, 0x1, 0x0, 0x7f, 0x80000, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x0, @perf_config_ext={0x7, 0x100}, 0x0, 0x7fffffff, 0xff5, 0x3, 0x6, 0x0, 0x4, 0x0, 0x9, 0x0, 0x7}, 0x0, 0xb, r0, 0x3)
getsockname(r2, &(0x7f0000000240)=@hci, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
symlinkat(&(0x7f0000000300)='./file0/file0\x00', r2, &(0x7f0000000340)='./file0\x00')
close(r3)
perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff810013a0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0xa43834e223e355dd, 0x0)
close(r2)
clone3(&(0x7f00000008c0)={0x2a3100100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x109000, 0x3)
dup2(r4, 0xffffffffffffffff)

[ 1885.298779] FAULT_INJECTION: forcing a failure.
[ 1885.298779] name failslab, interval 1, probability 0, space 0, times 0
[ 1885.300371] CPU: 1 PID: 9791 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1885.301212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1885.302225] Call Trace:
[ 1885.302555]  dump_stack+0x107/0x167
[ 1885.303005]  should_fail.cold+0x5/0xa
[ 1885.303483]  ? create_object.isra.0+0x3a/0xa20
[ 1885.304050]  should_failslab+0x5/0x20
[ 1885.304518]  kmem_cache_alloc+0x5b/0x310
[ 1885.305016]  ? mark_lock+0xf5/0x2df0
[ 1885.305475]  create_object.isra.0+0x3a/0xa20
[ 1885.306015]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1885.306640]  kmem_cache_alloc_node_trace+0x16d/0x340
[ 1885.307267]  __get_vm_area_node+0xd4/0x340
[ 1885.307802]  __vmalloc_node_range+0x13f/0x9e0
[ 1885.308351]  ? n_tty_open+0x16/0x170
[ 1885.308804]  ? n_tty_open+0x16/0x170
[ 1885.309265]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1885.309878]  ? __vmalloc_node+0x110/0x110
[ 1885.310384]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1885.311000]  ? n_tty_open+0x16/0x170
20:10:58 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 21)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:10:58 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x8)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:10:58 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, 0x0, 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:10:58 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 47)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:10:58 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open_by_handle_at(r0, &(0x7f0000000140)=@GFS2_SMALL_FH_SIZE={0x10, 0x4, {0x8, 0x0, 0x7f, 0x20}}, 0x200100)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000002600017eb7fc0100000020000000000000000018000080087363b638ad965ae303ec776a65f2bbe57df2075a5c6a08b4545b47c13198d716f55a01c73846246711a82cc53ddcd8e3cb4b8c44598703080eeefecf6c58d3b74fb1445ab4b2130278647ba6538e57a8268c58be382e78060789b25ed565aac5dffb274e479694ee89c53faf4f7de024fdbb21f8bd2fd3829d51f32767165c17d4ba73a367f5759a10599e79246fb168757b7697515e7cc792e5a9086a0e4b58787fdceb10f76bf94ba0d0a429790ba2", @ANYRES32=0x0, @ANYBLOB='\f\x00'/12], 0x2c}, 0x1, 0x0, 0x0, 0xa0}, 0x0)
r2 = syz_io_uring_setup(0x21, &(0x7f0000000340)={0x0, 0x4000000, 0x2, 0x3, 0x1c}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180), &(0x7f0000000080))
io_uring_enter(0xffffffffffffffff, 0x76d3, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
r3 = openat$cgroup(0xffffffffffffffff, &(0x7f00000002c0)='syz0\x00', 0x200002, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000300)=0x2)
read(0xffffffffffffffff, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
r4 = getpgid(0x0)
syz_open_procfs(r4, &(0x7f0000000640)='net/hci\x00')
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/fib_triestat\x00')

20:10:58 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0) (fail_nth: 40)

20:10:58 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 88)

20:10:58 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, &(0x7f0000000200)=0x3, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x3, 0x0, r3, 0x80, &(0x7f00000015c0)=@can}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x9, 0x13, r0, 0x8000000)
fcntl$notify(r3, 0x402, 0x1)
pipe(&(0x7f0000000280))
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x80000001)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000440), &(0x7f0000001640)=0x14)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000002a40)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x6, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x18}, 0x1)
r7 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000300), 0x440e03, 0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000001580)=@IORING_OP_RECVMSG={0xa, 0x3, 0x0, r7, 0x0, &(0x7f0000001540)={&(0x7f0000000340)=@in={0x2, 0x0, @remote}, 0x80, &(0x7f0000001500)=[{&(0x7f00000003c0)=""/6, 0x6}, {&(0x7f0000000400)=""/53, 0x35}, {&(0x7f0000000440)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x4}, 0x0, 0x40, 0x1, {0x2}}, 0x101)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)
r8 = mq_open(&(0x7f0000000100)='\x00', 0x80, 0x44, &(0x7f0000000140)={0x6, 0x31eb, 0x41, 0x70d})
read(r8, &(0x7f00000001c0)=""/34, 0x22)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x10, 0x1)

[ 1885.311455]  __vmalloc_node+0xb5/0x110
[ 1885.323723]  ? n_tty_open+0x16/0x170
[ 1885.324178]  n_tty_open+0x16/0x170
[ 1885.324608]  ? n_tty_set_termios+0x1010/0x1010
[ 1885.325160]  tty_ldisc_open+0xa2/0x120
[ 1885.325634]  tty_ldisc_setup+0x43/0x100
[ 1885.326119]  tty_init_dev.part.0+0x1fa/0x610
[ 1885.326654]  ? pty_open+0x310/0x310
[ 1885.327093]  tty_init_dev+0x5b/0x80
[ 1885.327549]  ptmx_open+0x116/0x370
[ 1885.327992]  ? pty_open+0x310/0x310
[ 1885.328434]  chrdev_open+0x268/0x6e0
[ 1885.328887]  ? __unregister_chrdev+0x110/0x110
[ 1885.329445]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1885.330018]  do_dentry_open+0x4b7/0x1090
[ 1885.330517]  ? __unregister_chrdev+0x110/0x110
[ 1885.331069]  ? may_open+0x1e4/0x400
[ 1885.331524]  path_openat+0x19ba/0x2770
[ 1885.332011]  ? path_lookupat+0x860/0x860
[ 1885.332506]  ? lock_acquire+0x197/0x470
[ 1885.332988]  ? find_held_lock+0x2c/0x110
[ 1885.333489]  do_filp_open+0x190/0x3e0
[ 1885.333951]  ? may_open_dev+0xf0/0xf0
[ 1885.334423]  ? do_raw_spin_lock+0x121/0x260
[ 1885.334956]  ? rwlock_bug.part.0+0x90/0x90
[ 1885.335489]  ? _raw_spin_unlock+0x1a/0x30
[ 1885.336001]  ? alloc_fd+0x2e7/0x670
[ 1885.336452]  do_sys_openat2+0x171/0x4d0
[ 1885.336937]  ? build_open_flags+0x6f0/0x6f0
[ 1885.337462]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1885.338050]  ? wait_for_completion_io+0x270/0x270
[ 1885.338640]  __x64_sys_openat+0x13f/0x1f0
[ 1885.339144]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1885.339668]  ? ksys_write+0x1a9/0x260
[ 1885.340136]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1885.340770]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1885.341397]  do_syscall_64+0x33/0x40
[ 1885.341848]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1885.342470] RIP: 0033:0x7f7574521b19
[ 1885.342923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1885.345171] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1885.346103] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1885.346970] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1885.347851] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1885.348721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1885.350067] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
20:10:58 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

[ 1885.369736] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1885.388250] FAULT_INJECTION: forcing a failure.
[ 1885.388250] name failslab, interval 1, probability 0, space 0, times 0
[ 1885.389794] CPU: 1 PID: 9804 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1885.390626] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1885.391649] Call Trace:
[ 1885.391979]  dump_stack+0x107/0x167
[ 1885.392443]  should_fail.cold+0x5/0xa
[ 1885.392927]  ? __kernfs_new_node+0xd4/0x860
[ 1885.393455]  should_failslab+0x5/0x20
[ 1885.393920]  kmem_cache_alloc+0x5b/0x310
[ 1885.394419]  __kernfs_new_node+0xd4/0x860
[ 1885.394924]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1885.399617]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1885.400196]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1885.400781]  ? wait_for_completion_io+0x270/0x270
[ 1885.401366]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1885.402002]  kernfs_new_node+0x18d/0x250
[ 1885.402496]  __kernfs_create_file+0x51/0x350
[ 1885.403029]  sysfs_add_file_mode_ns+0x221/0x560
[ 1885.403620]  internal_create_group+0x324/0xb30
[ 1885.404176]  ? sysfs_remove_group+0x170/0x170
[ 1885.404717]  ? kernfs_add_one+0x124/0x4d0
[ 1885.405222]  ? kernfs_create_link+0x1b7/0x230
[ 1885.405766]  internal_create_groups.part.0+0x90/0x140
[ 1885.406390]  sysfs_create_groups+0x25/0x50
[ 1885.406903]  device_add+0x7a9/0x1c50
[ 1885.407358]  ? lockdep_init_map_type+0x2c7/0x780
[ 1885.407947]  ? devlink_add_symlinks+0x970/0x970
[ 1885.408518]  netdev_register_kobject+0x17a/0x3b0
[ 1885.409096]  register_netdevice+0xd6e/0x1480
[ 1885.409636]  ? netdev_change_features+0xb0/0xb0
[ 1885.410226]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1885.410755]  __tun_chr_ioctl+0x2156/0x3f60
[ 1885.411269]  ? lock_downgrade+0x6d0/0x6d0
[ 1885.411800]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1885.412382]  ? tun_chr_poll+0x700/0x700
[ 1885.412869]  ? wait_for_completion_io+0x270/0x270
[ 1885.413458]  ? selinux_file_ioctl+0xb6/0x270
[ 1885.413993]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1885.414537]  __x64_sys_ioctl+0x19a/0x210
[ 1885.415029]  do_syscall_64+0x33/0x40
[ 1885.419507]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1885.420142] RIP: 0033:0x7f7955930b19
[ 1885.420596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1885.422914] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1885.423853] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1885.424714] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1885.425576] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1885.426435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1885.427296] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1885.544912] FAULT_INJECTION: forcing a failure.
[ 1885.544912] name failslab, interval 1, probability 0, space 0, times 0
[ 1885.546547] CPU: 0 PID: 9796 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1885.547383] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1885.548420] Call Trace:
[ 1885.548757]  dump_stack+0x107/0x167
[ 1885.549204]  should_fail.cold+0x5/0xa
[ 1885.549673]  ? create_object.isra.0+0x3a/0xa20
[ 1885.550236]  should_failslab+0x5/0x20
[ 1885.550703]  kmem_cache_alloc+0x5b/0x310
[ 1885.551204]  create_object.isra.0+0x3a/0xa20
[ 1885.551755]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1885.552379]  kmem_cache_alloc+0x159/0x310
[ 1885.552894]  __kernfs_new_node+0xd4/0x860
[ 1885.553432]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1885.554043]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1885.554660]  ? wait_for_completion_io+0x270/0x270
[ 1885.555282]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1885.555942]  kernfs_new_node+0x18d/0x250
[ 1885.556447]  __kernfs_create_file+0x51/0x350
[ 1885.556986]  sysfs_add_file_mode_ns+0x221/0x560
[ 1885.557560]  internal_create_group+0x324/0xb30
[ 1885.558136]  ? sysfs_remove_group+0x170/0x170
[ 1885.558683]  ? kernfs_add_one+0x124/0x4d0
[ 1885.559193]  ? kernfs_create_link+0x1b7/0x230
[ 1885.559760]  internal_create_groups.part.0+0x90/0x140
[ 1885.560389]  sysfs_create_groups+0x25/0x50
[ 1885.560904]  device_add+0x7a9/0x1c50
[ 1885.561364]  ? lockdep_init_map_type+0x2c7/0x780
[ 1885.561938]  ? devlink_add_symlinks+0x970/0x970
[ 1885.562513]  netdev_register_kobject+0x17a/0x3b0
[ 1885.563093]  register_netdevice+0xd6e/0x1480
[ 1885.563648]  ? netdev_change_features+0xb0/0xb0
[ 1885.564219]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1885.564759]  __tun_chr_ioctl+0x2156/0x3f60
[ 1885.565284]  ? lock_downgrade+0x6d0/0x6d0
[ 1885.565789]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1885.566376]  ? tun_chr_poll+0x700/0x700
[ 1885.566863]  ? wait_for_completion_io+0x270/0x270
[ 1885.567459]  ? selinux_file_ioctl+0xb6/0x270
[ 1885.568018]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1885.568569]  __x64_sys_ioctl+0x19a/0x210
[ 1885.569069]  do_syscall_64+0x33/0x40
[ 1885.569522]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1885.570147] RIP: 0033:0x7fc68ced6b19
[ 1885.570601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1885.572857] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1885.573790] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1885.574659] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1885.575538] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1885.576408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1885.577277] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1885.584841] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
20:11:13 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fsetxattr$security_ima(r0, &(0x7f0000000100), &(0x7f0000000140)=@md5={0x1, "4f5612b543057850668f01897a57ae46"}, 0x11, 0x2)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="74724a8f733d66642c7266646e6f3d", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',msize=0x0000000000800003,\x00'])
r2 = syz_io_uring_setup(0x3eb6, &(0x7f0000000080)={0x0, 0x0, 0x1, 0x6, 0x3b9, 0x0, r1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3, 0x810, r0, 0x8000000)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r2, 0x8000000)
pipe(&(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x4, &(0x7f0000000640)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r8, @ANYBLOB="2c646e6f3d0000faefaef3b40af98855e1e91342b837e0f89c442595e04422ef908d6bd2d55a478146db96f2aec4b236b81446d1ef9ca65413ff379f35e66ee372847309ecb1b6927f3279c7314e30ad238a063947b50605cf528e36c2da2ce34f5edf776a0221e95028d3667a", @ANYRESHEX=r2, @ANYBLOB=',cache=fscache,access=user,noextend,cache=none,fsuuid=eb191d3\a-66fa-7d30-9ba4-9557bb8a,context=staff_u,\x00'])
syz_io_uring_submit(r6, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r8, 0x0, 0x0}, 0x80000001)
pipe(&(0x7f00000001c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
recvmsg$unix(r9, &(0x7f0000000440)={&(0x7f0000000300), 0x6e, &(0x7f00000005c0)=[{&(0x7f0000000500)=""/159, 0x9f}, {&(0x7f0000000780)=""/158, 0x9e}, {&(0x7f0000000400)=""/26, 0x1a}, {&(0x7f0000000840)=""/222, 0xde}, {&(0x7f0000000940)=""/140, 0x8c}], 0x5}, 0x0)
io_uring_enter(r2, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:11:13 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 22)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:11:13 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0xa)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:11:13 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 89)

20:11:13 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

[ 1900.475391] FAULT_INJECTION: forcing a failure.
[ 1900.475391] name failslab, interval 1, probability 0, space 0, times 0
[ 1900.477060] CPU: 0 PID: 9833 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1900.477957] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1900.478967] Call Trace:
[ 1900.479301]  dump_stack+0x107/0x167
[ 1900.479747]  should_fail.cold+0x5/0xa
[ 1900.480236]  ? alloc_vmap_area+0x148/0x1d10
[ 1900.480765]  should_failslab+0x5/0x20
[ 1900.481231]  kmem_cache_alloc_node+0x55/0x330
[ 1900.481781]  alloc_vmap_area+0x148/0x1d10
[ 1900.482287]  ? kmem_cache_alloc_node_trace+0x16d/0x340
[ 1900.482931]  ? mark_held_locks+0x9e/0xe0
[ 1900.483434]  ? purge_vmap_area_lazy+0xc0/0xc0
[ 1900.483985]  ? kasan_unpoison_shadow+0x33/0x50
[ 1900.484552]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1900.485172]  __get_vm_area_node+0x127/0x340
[ 1900.485702]  __vmalloc_node_range+0x13f/0x9e0
[ 1900.486249]  ? n_tty_open+0x16/0x170
[ 1900.486701]  ? n_tty_open+0x16/0x170
[ 1900.487156]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1900.487767]  ? __vmalloc_node+0x110/0x110
[ 1900.488301]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1900.488916]  ? n_tty_open+0x16/0x170
[ 1900.489369]  __vmalloc_node+0xb5/0x110
[ 1900.489846]  ? n_tty_open+0x16/0x170
[ 1900.490304]  n_tty_open+0x16/0x170
[ 1900.490736]  ? n_tty_set_termios+0x1010/0x1010
[ 1900.491291]  tty_ldisc_open+0xa2/0x120
[ 1900.491766]  tty_ldisc_setup+0x43/0x100
[ 1900.491916] FAULT_INJECTION: forcing a failure.
[ 1900.491916] name failslab, interval 1, probability 0, space 0, times 0
[ 1900.492273]  tty_init_dev.part.0+0x1fa/0x610
[ 1900.492288]  ? pty_open+0x310/0x310
[ 1900.492298]  tty_init_dev+0x5b/0x80
[ 1900.492317]  ptmx_open+0x116/0x370
[ 1900.495500]  ? pty_open+0x310/0x310
[ 1900.495941]  chrdev_open+0x268/0x6e0
[ 1900.496412]  ? __unregister_chrdev+0x110/0x110
[ 1900.496971]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1900.497545]  do_dentry_open+0x4b7/0x1090
[ 1900.498042]  ? __unregister_chrdev+0x110/0x110
[ 1900.498595]  ? may_open+0x1e4/0x400
[ 1900.499041]  path_openat+0x19ba/0x2770
[ 1900.499522]  ? path_lookupat+0x860/0x860
[ 1900.500025]  ? lock_acquire+0x197/0x470
[ 1900.500514]  ? find_held_lock+0x2c/0x110
[ 1900.501018]  do_filp_open+0x190/0x3e0
[ 1900.501501]  ? may_open_dev+0xf0/0xf0
[ 1900.501998]  ? do_raw_spin_lock+0x121/0x260
[ 1900.502549]  ? rwlock_bug.part.0+0x90/0x90
[ 1900.503099]  ? _raw_spin_unlock+0x1a/0x30
[ 1900.503601]  ? alloc_fd+0x2e7/0x670
[ 1900.504074]  do_sys_openat2+0x171/0x4d0
[ 1900.504567]  ? build_open_flags+0x6f0/0x6f0
[ 1900.505093]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1900.505680]  ? wait_for_completion_io+0x270/0x270
[ 1900.506272]  __x64_sys_openat+0x13f/0x1f0
[ 1900.506774]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1900.507288]  ? ksys_write+0x1a9/0x260
[ 1900.507755]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1900.508422]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1900.509052]  do_syscall_64+0x33/0x40
[ 1900.509505]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1900.510131] RIP: 0033:0x7f7574521b19
[ 1900.510587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1900.512900] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1900.513822] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1900.514686] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1900.515550] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1900.516455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1900.517320] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1900.518207] CPU: 1 PID: 9832 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1900.518372] syz-executor.7: vmalloc: allocation failure: 9120 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[ 1900.519055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1900.519060] Call Trace:
[ 1900.519089]  dump_stack+0x107/0x167
[ 1900.520463] ,cpuset=
[ 1900.521399]  should_fail.cold+0x5/0xa
[ 1900.521417]  ? __kernfs_new_node+0xd4/0x860
[ 1900.521437]  should_failslab+0x5/0x20
[ 1900.521757] syz7
[ 1900.522183]  kmem_cache_alloc+0x5b/0x310
[ 1900.522203]  __kernfs_new_node+0xd4/0x860
[ 1900.522510] ,mems_allowed=0
[ 1900.522940]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1900.522959]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1900.522975]  ? wait_for_completion_io+0x270/0x270
[ 1900.522998]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1900.523513] 
[ 1900.523970]  kernfs_new_node+0x18d/0x250
[ 1900.523986]  __kernfs_create_file+0x51/0x350
[ 1900.524009]  sysfs_add_file_mode_ns+0x221/0x560
[ 1900.529696]  internal_create_group+0x324/0xb30
[ 1900.530259]  ? sysfs_remove_group+0x170/0x170
[ 1900.530803]  ? kernfs_add_one+0x124/0x4d0
[ 1900.531312]  ? kernfs_create_link+0x1b7/0x230
[ 1900.531861]  internal_create_groups.part.0+0x90/0x140
[ 1900.532507]  sysfs_create_groups+0x25/0x50
[ 1900.533025]  device_add+0x7a9/0x1c50
[ 1900.533483]  ? lockdep_init_map_type+0x2c7/0x780
[ 1900.534061]  ? devlink_add_symlinks+0x970/0x970
[ 1900.534634]  netdev_register_kobject+0x17a/0x3b0
[ 1900.535217]  register_netdevice+0xd6e/0x1480
[ 1900.535755]  ? netdev_change_features+0xb0/0xb0
[ 1900.536346]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1900.536879]  __tun_chr_ioctl+0x2156/0x3f60
[ 1900.537399]  ? lock_downgrade+0x6d0/0x6d0
[ 1900.537903]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1900.538491]  ? tun_chr_poll+0x700/0x700
[ 1900.538978]  ? wait_for_completion_io+0x270/0x270
[ 1900.539573]  ? selinux_file_ioctl+0xb6/0x270
[ 1900.540133]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1900.540684]  __x64_sys_ioctl+0x19a/0x210
[ 1900.541183]  do_syscall_64+0x33/0x40
[ 1900.541656]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1900.542298] RIP: 0033:0x7f7955930b19
[ 1900.542750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1900.544992] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1900.545915] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1900.546781] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1900.547646] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1900.548523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1900.549388] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1900.550275] CPU: 0 PID: 9833 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1900.551121] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1900.552144] Call Trace:
[ 1900.552471]  dump_stack+0x107/0x167
[ 1900.552937]  warn_alloc.cold+0x95/0x18a
[ 1900.553425]  ? zone_watermark_ok_safe+0x260/0x260
[ 1900.554012]  ? slab_free_freelist_hook+0xa9/0x180
[ 1900.554599]  ? __get_vm_area_node+0x2cf/0x340
[ 1900.555148]  ? kasan_unpoison_shadow+0x33/0x50
[ 1900.555707]  ? __get_vm_area_node+0x262/0x340
[ 1900.556270]  __vmalloc_node_range+0x58f/0x9e0
[ 1900.556815]  ? n_tty_open+0x16/0x170
[ 1900.557269]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1900.557885]  ? __vmalloc_node+0x110/0x110
[ 1900.558403]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1900.559020]  ? n_tty_open+0x16/0x170
[ 1900.559476]  __vmalloc_node+0xb5/0x110
[ 1900.559953]  ? n_tty_open+0x16/0x170
[ 1900.568181]  n_tty_open+0x16/0x170
[ 1900.568614]  ? n_tty_set_termios+0x1010/0x1010
[ 1900.569166]  tty_ldisc_open+0xa2/0x120
[ 1900.569639]  tty_ldisc_setup+0x43/0x100
[ 1900.570122]  tty_init_dev.part.0+0x1fa/0x610
[ 1900.570660]  ? pty_open+0x310/0x310
[ 1900.571099]  tty_init_dev+0x5b/0x80
[ 1900.571542]  ptmx_open+0x116/0x370
[ 1900.571976]  ? pty_open+0x310/0x310
[ 1900.572439]  chrdev_open+0x268/0x6e0
[ 1900.572893]  ? __unregister_chrdev+0x110/0x110
[ 1900.573447]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1900.574019]  do_dentry_open+0x4b7/0x1090
[ 1900.574512]  ? __unregister_chrdev+0x110/0x110
[ 1900.575066]  ? may_open+0x1e4/0x400
[ 1900.575509]  path_openat+0x19ba/0x2770
[ 1900.575992]  ? path_lookupat+0x860/0x860
[ 1900.576497]  ? lock_acquire+0x197/0x470
[ 1900.576979]  ? find_held_lock+0x2c/0x110
[ 1900.577479]  do_filp_open+0x190/0x3e0
[ 1900.577940]  ? may_open_dev+0xf0/0xf0
[ 1900.578412]  ? do_raw_spin_lock+0x121/0x260
[ 1900.578936]  ? rwlock_bug.part.0+0x90/0x90
[ 1900.579455]  ? _raw_spin_unlock+0x1a/0x30
[ 1900.579959]  ? alloc_fd+0x2e7/0x670
[ 1900.580431]  do_sys_openat2+0x171/0x4d0
[ 1900.580917]  ? build_open_flags+0x6f0/0x6f0
[ 1900.581439]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1900.582027]  ? wait_for_completion_io+0x270/0x270
[ 1900.582617]  __x64_sys_openat+0x13f/0x1f0
[ 1900.583120]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1900.583632]  ? ksys_write+0x1a9/0x260
[ 1900.584114]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1900.584750]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1900.585378]  do_syscall_64+0x33/0x40
[ 1900.585829]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1900.586451] RIP: 0033:0x7f7574521b19
[ 1900.586906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1900.589181] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1900.590105] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1900.590970] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1900.591832] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1900.596720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1900.597588] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1900.598628] Mem-Info:
[ 1900.599013] active_anon:56 inactive_anon:53375 isolated_anon:0
[ 1900.599013]  active_file:15172 inactive_file:73067 isolated_file:0
[ 1900.599013]  unevictable:0 dirty:280 writeback:0
[ 1900.599013]  slab_reclaimable:8954 slab_unreclaimable:63730
[ 1900.599013]  mapped:82322 shmem:662 pagetables:1593 bounce:0
[ 1900.599013]  free:91831 free_pcp:353 free_cma:0
[ 1900.602922] Node 0 active_anon:224kB inactive_anon:213500kB active_file:60688kB inactive_file:292268kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:329288kB dirty:1204kB writeback:0kB shmem:2648kB writeback_tmp:0kB kernel_stack:4640kB all_unreclaimable? no
[ 1900.605860] Node 0 DMA free:15908kB min:48kB low:60kB high:72kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1900.609127] lowmem_reserve[]: 0 1616 1616 1616
[ 1900.609728] Node 0 DMA32 free:349392kB min:5116kB low:6768kB high:8420kB reserved_highatomic:0KB active_anon:224kB inactive_anon:213584kB active_file:60688kB inactive_file:292268kB unevictable:0kB writepending:1268kB present:2080640kB managed:1660468kB mlocked:0kB pagetables:6372kB bounce:0kB free_pcp:1304kB local_pcp:1176kB free_cma:0kB
[ 1900.613384] lowmem_reserve[]: 0 0 0 0
[ 1900.613882] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1900.615721] Node 0 DMA32: 364*4kB (ME) 734*8kB (UME) 142*16kB (UME) 223*32kB (UME) 134*64kB (UM) 101*128kB (UME) 57*256kB (UME) 37*512kB (UM) 21*1024kB (U) 18*2048kB (UM) 53*4096kB (UM) = 347232kB
[ 1900.618213] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1900.624686] 30624 total pagecache pages
[ 1900.625270] 0 pages in swap cache
[ 1900.625695] Swap cache stats: add 0, delete 0, find 0/0
[ 1900.626388] Free swap  = 0kB
[ 1900.626788] Total swap = 0kB
[ 1900.627244] 524158 pages RAM
[ 1900.627611] 0 pages HighMem/MovableOnly
[ 1900.628181] 105064 pages reserved
[ 1900.628629] ptm ptm0: ldisc open failed (-12), clearing slot 0
20:11:13 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x8, 0x1, 0x0, 0x0)

20:11:13 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, 0x0, 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:11:13 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 48)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1900.650934] FAULT_INJECTION: forcing a failure.
[ 1900.650934] name failslab, interval 1, probability 0, space 0, times 0
[ 1900.660778] CPU: 1 PID: 9844 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1900.661616] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1900.662638] Call Trace:
[ 1900.662971]  dump_stack+0x107/0x167
[ 1900.663423]  should_fail.cold+0x5/0xa
20:11:14 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000002a40)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x6, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x18}, 0x1)
r6 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_WRITE_FIXED={0x5, 0x2, 0x0, @fd_index=0x7, 0x7fff, 0x0, 0xcb08, 0x16, 0x1, {0x3, r9}}, 0x5)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r10 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r10, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1900.663901]  ? __kernfs_new_node+0xd4/0x860
[ 1900.664453]  should_failslab+0x5/0x20
[ 1900.664919]  kmem_cache_alloc+0x5b/0x310
[ 1900.672129]  __kernfs_new_node+0xd4/0x860
[ 1900.672638]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1900.673217]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1900.673803]  ? wait_for_completion_io+0x270/0x270
[ 1900.674388]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1900.675027]  kernfs_new_node+0x18d/0x250
[ 1900.675522]  __kernfs_create_file+0x51/0x350
[ 1900.676071]  sysfs_add_file_mode_ns+0x221/0x560
[ 1900.676644]  internal_create_group+0x324/0xb30
[ 1900.677201]  ? sysfs_remove_group+0x170/0x170
[ 1900.677743]  ? kernfs_add_one+0x124/0x4d0
[ 1900.678247]  ? kernfs_create_link+0x1b7/0x230
[ 1900.678793]  internal_create_groups.part.0+0x90/0x140
[ 1900.679417]  sysfs_create_groups+0x25/0x50
[ 1900.679930]  device_add+0x7a9/0x1c50
[ 1900.680398]  ? lockdep_init_map_type+0x2c7/0x780
[ 1900.680972]  ? devlink_add_symlinks+0x970/0x970
[ 1900.681545]  netdev_register_kobject+0x17a/0x3b0
[ 1900.682123]  register_netdevice+0xd6e/0x1480
[ 1900.682662]  ? netdev_change_features+0xb0/0xb0
[ 1900.683229]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1900.683760]  __tun_chr_ioctl+0x2156/0x3f60
[ 1900.684286]  ? lock_downgrade+0x6d0/0x6d0
[ 1900.684790]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1900.685374]  ? tun_chr_poll+0x700/0x700
[ 1900.685858]  ? wait_for_completion_io+0x270/0x270
[ 1900.686451]  ? selinux_file_ioctl+0xb6/0x270
[ 1900.686990]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1900.687537]  __x64_sys_ioctl+0x19a/0x210
[ 1900.688038]  do_syscall_64+0x33/0x40
[ 1900.688493]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1900.689141] RIP: 0033:0x7fc68ced6b19
[ 1900.689614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1900.691946] RSP: 002b:00007fc68a40a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1900.692891] RAX: ffffffffffffffda RBX: 00007fc68cfea0e0 RCX: 00007fc68ced6b19
[ 1900.693753] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000004
[ 1900.694616] RBP: 00007fc68a40a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1900.695479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1900.696355] R13: 00007ffdbad4d89f R14: 00007fc68a40a300 R15: 0000000000022000
20:11:14 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 90)

20:11:14 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x10)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:11:14 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 23)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:11:14 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x417, 0x1, 0x0, 0x0)

[ 1900.819606] FAULT_INJECTION: forcing a failure.
[ 1900.819606] name failslab, interval 1, probability 0, space 0, times 0
[ 1900.825349] CPU: 0 PID: 9857 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1900.826244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1900.827330] Call Trace:
[ 1900.827688]  dump_stack+0x107/0x167
[ 1900.828217]  should_fail.cold+0x5/0xa
[ 1900.828735]  ? __kernfs_new_node+0xd4/0x860
[ 1900.829337]  should_failslab+0x5/0x20
[ 1900.829845]  kmem_cache_alloc+0x5b/0x310
[ 1900.830385]  __kernfs_new_node+0xd4/0x860
[ 1900.830939]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1900.831597]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1900.832253]  ? wait_for_completion_io+0x270/0x270
[ 1900.832897]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1900.833602]  kernfs_new_node+0x18d/0x250
[ 1900.834150]  __kernfs_create_file+0x51/0x350
[ 1900.834729]  sysfs_add_file_mode_ns+0x221/0x560
[ 1900.835357]  internal_create_group+0x324/0xb30
[ 1900.835966]  ? sysfs_remove_group+0x170/0x170
[ 1900.836580]  ? kernfs_add_one+0x124/0x4d0
[ 1900.837147]  ? kernfs_create_link+0x1b7/0x230
[ 1900.837746]  internal_create_groups.part.0+0x90/0x140
[ 1900.838430]  sysfs_create_groups+0x25/0x50
[ 1900.838994]  device_add+0x7a9/0x1c50
[ 1900.839498]  ? lockdep_init_map_type+0x2c7/0x780
[ 1900.840147]  ? devlink_add_symlinks+0x970/0x970
[ 1900.840782]  netdev_register_kobject+0x17a/0x3b0
[ 1900.841421]  register_netdevice+0xd6e/0x1480
[ 1900.842012]  ? netdev_change_features+0xb0/0xb0
[ 1900.842642]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1900.843227]  __tun_chr_ioctl+0x2156/0x3f60
20:11:14 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 49)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1900.843797]  ? lock_downgrade+0x6d0/0x6d0
[ 1900.844369]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1900.845014]  ? tun_chr_poll+0x700/0x700
[ 1900.845548]  ? wait_for_completion_io+0x270/0x270
[ 1900.846193]  ? selinux_file_ioctl+0xb6/0x270
[ 1900.852340]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1900.852934]  __x64_sys_ioctl+0x19a/0x210
[ 1900.853483]  do_syscall_64+0x33/0x40
[ 1900.853978]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1900.854663] RIP: 0033:0x7f7955930b19
[ 1900.855152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1900.857590] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1900.858603] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1900.859546] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1900.860505] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1900.861452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1900.862399] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1900.868789] FAULT_INJECTION: forcing a failure.
[ 1900.868789] name failslab, interval 1, probability 0, space 0, times 0
[ 1900.870364] CPU: 0 PID: 9859 Comm: syz-executor.7 Not tainted 5.10.226 #1
20:11:14 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x8, 0x0, 0x0)

[ 1900.871274] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1900.876352] Call Trace:
[ 1900.876699]  dump_stack+0x107/0x167
[ 1900.877147]  should_fail.cold+0x5/0xa
[ 1900.877616]  ? create_object.isra.0+0x3a/0xa20
[ 1900.878173]  should_failslab+0x5/0x20
[ 1900.878636]  kmem_cache_alloc+0x5b/0x310
[ 1900.879130]  ? tty_ldisc_setup+0x43/0x100
[ 1900.879631]  ? tty_init_dev.part.0+0x1fa/0x610
[ 1900.880235]  create_object.isra.0+0x3a/0xa20
[ 1900.880770]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1900.881390]  kmem_cache_alloc_node+0x169/0x330
[ 1900.881948]  alloc_vmap_area+0x148/0x1d10
[ 1900.882451]  ? kmem_cache_alloc_node_trace+0x16d/0x340
[ 1900.883092]  ? mark_held_locks+0x9e/0xe0
[ 1900.883592]  ? purge_vmap_area_lazy+0xc0/0xc0
[ 1900.884189]  ? kasan_unpoison_shadow+0x33/0x50
[ 1900.884786]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1900.885456]  __get_vm_area_node+0x127/0x340
[ 1900.886043]  __vmalloc_node_range+0x13f/0x9e0
[ 1900.886647]  ? n_tty_open+0x16/0x170
[ 1900.887156]  ? n_tty_open+0x16/0x170
[ 1900.887653]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1900.888368]  ? __vmalloc_node+0x110/0x110
[ 1900.888931]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1900.889606]  ? n_tty_open+0x16/0x170
[ 1900.890119]  __vmalloc_node+0xb5/0x110
[ 1900.890643]  ? n_tty_open+0x16/0x170
[ 1900.891165]  n_tty_open+0x16/0x170
[ 1900.891649]  ? n_tty_set_termios+0x1010/0x1010
[ 1900.892270]  tty_ldisc_open+0xa2/0x120
[ 1900.892805]  tty_ldisc_setup+0x43/0x100
[ 1900.893349]  tty_init_dev.part.0+0x1fa/0x610
[ 1900.893958]  ? pty_open+0x310/0x310
[ 1900.894461]  tty_init_dev+0x5b/0x80
[ 1900.894970]  ptmx_open+0x116/0x370
[ 1900.895457]  ? pty_open+0x310/0x310
[ 1900.895964]  chrdev_open+0x268/0x6e0
[ 1900.896474]  ? __unregister_chrdev+0x110/0x110
[ 1900.897109]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1900.897743]  do_dentry_open+0x4b7/0x1090
[ 1900.898304]  ? __unregister_chrdev+0x110/0x110
[ 1900.898924]  ? may_open+0x1e4/0x400
[ 1900.899434]  path_openat+0x19ba/0x2770
[ 1900.899972]  ? path_lookupat+0x860/0x860
[ 1900.900549]  ? lock_acquire+0x197/0x470
[ 1900.901091]  ? find_held_lock+0x2c/0x110
[ 1900.901662]  do_filp_open+0x190/0x3e0
[ 1900.902178]  ? may_open_dev+0xf0/0xf0
[ 1900.902703]  ? do_raw_spin_lock+0x121/0x260
[ 1900.903292]  ? rwlock_bug.part.0+0x90/0x90
[ 1900.903873]  ? _raw_spin_unlock+0x1a/0x30
[ 1900.904456]  ? alloc_fd+0x2e7/0x670
[ 1900.904962]  do_sys_openat2+0x171/0x4d0
[ 1900.905511]  ? build_open_flags+0x6f0/0x6f0
[ 1900.906105]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1900.906766]  ? wait_for_completion_io+0x270/0x270
[ 1900.907428]  __x64_sys_openat+0x13f/0x1f0
[ 1900.908000]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1900.908538]  ? ksys_write+0x1a9/0x260
[ 1900.909012]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1900.909648]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1900.910276]  do_syscall_64+0x33/0x40
[ 1900.910726]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1900.911346] RIP: 0033:0x7f7574521b19
[ 1900.911797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1900.914149] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1900.915161] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1900.916123] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1900.917047] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1900.917963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1900.918893] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1900.923636] FAULT_INJECTION: forcing a failure.
[ 1900.923636] name failslab, interval 1, probability 0, space 0, times 0
[ 1900.928710] CPU: 1 PID: 9864 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1900.929541] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1900.930546] Call Trace:
[ 1900.930875]  dump_stack+0x107/0x167
[ 1900.931342]  should_fail.cold+0x5/0xa
[ 1900.931831]  ? create_object.isra.0+0x3a/0xa20
[ 1900.936427]  should_failslab+0x5/0x20
[ 1900.936892]  kmem_cache_alloc+0x5b/0x310
[ 1900.937389]  create_object.isra.0+0x3a/0xa20
[ 1900.937922]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1900.938541]  kmem_cache_alloc+0x159/0x310
[ 1900.939052]  __kernfs_new_node+0xd4/0x860
[ 1900.939559]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1900.944163]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1900.944751]  ? wait_for_completion_io+0x270/0x270
[ 1900.945339]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1900.945982]  kernfs_new_node+0x18d/0x250
[ 1900.946478]  __kernfs_create_file+0x51/0x350
[ 1900.947015]  sysfs_add_file_mode_ns+0x221/0x560
[ 1900.947584]  internal_create_group+0x324/0xb30
[ 1900.948156]  ? sysfs_remove_group+0x170/0x170
[ 1900.948699]  ? kernfs_add_one+0x124/0x4d0
[ 1900.949206]  ? kernfs_create_link+0x1b7/0x230
[ 1900.949753]  internal_create_groups.part.0+0x90/0x140
[ 1900.950379]  sysfs_create_groups+0x25/0x50
[ 1900.950893]  device_add+0x7a9/0x1c50
[ 1900.951351]  ? lockdep_init_map_type+0x2c7/0x780
[ 1900.951924]  ? devlink_add_symlinks+0x970/0x970
[ 1900.952508]  netdev_register_kobject+0x17a/0x3b0
[ 1900.953088]  register_netdevice+0xd6e/0x1480
[ 1900.953625]  ? netdev_change_features+0xb0/0xb0
[ 1900.954194]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1900.954725]  __tun_chr_ioctl+0x2156/0x3f60
[ 1900.955240]  ? lock_downgrade+0x6d0/0x6d0
[ 1900.955744]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1900.956341]  ? tun_chr_poll+0x700/0x700
[ 1900.956826]  ? wait_for_completion_io+0x270/0x270
[ 1900.957419]  ? selinux_file_ioctl+0xb6/0x270
[ 1900.957957]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1900.958506]  __x64_sys_ioctl+0x19a/0x210
[ 1900.959001]  do_syscall_64+0x33/0x40
[ 1900.959453]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1900.960084] RIP: 0033:0x7fc68ced6b19
[ 1900.960538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1900.962760] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1900.963685] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1900.964561] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1900.965428] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1900.966294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1900.967161] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:11:28 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, 0x0, 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:11:28 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

[ 1914.901775] FAULT_INJECTION: forcing a failure.
[ 1914.901775] name failslab, interval 1, probability 0, space 0, times 0
[ 1914.903214] CPU: 0 PID: 9891 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1914.904043] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1914.905067] Call Trace:
[ 1914.905399]  dump_stack+0x107/0x167
[ 1914.905845]  should_fail.cold+0x5/0xa
[ 1914.906313]  ? kmemleak_scan_area+0xa6/0x360
[ 1914.906854]  should_failslab+0x5/0x20
[ 1914.907319]  kmem_cache_alloc+0x5b/0x310
[ 1914.907819]  kmemleak_scan_area+0xa6/0x360
[ 1914.908340]  alloc_vmap_area+0x171/0x1d10
[ 1914.908869]  ? kmem_cache_alloc_node_trace+0x16d/0x340
[ 1914.909514]  ? mark_held_locks+0x9e/0xe0
[ 1914.910021]  ? purge_vmap_area_lazy+0xc0/0xc0
[ 1914.910570]  ? kasan_unpoison_shadow+0x33/0x50
[ 1914.911128]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1914.911749]  __get_vm_area_node+0x127/0x340
[ 1914.912280]  __vmalloc_node_range+0x13f/0x9e0
[ 1914.912860]  ? n_tty_open+0x16/0x170
[ 1914.913314]  ? n_tty_open+0x16/0x170
[ 1914.913775]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1914.914387]  ? __vmalloc_node+0x110/0x110
[ 1914.914891]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1914.915502]  ? n_tty_open+0x16/0x170
[ 1914.915955]  __vmalloc_node+0xb5/0x110
[ 1914.916428]  ? n_tty_open+0x16/0x170
[ 1914.916925]  n_tty_open+0x16/0x170
[ 1914.917358]  ? n_tty_set_termios+0x1010/0x1010
[ 1914.917927]  tty_ldisc_open+0xa2/0x120
[ 1914.918425]  tty_ldisc_setup+0x43/0x100
[ 1914.918933]  tty_init_dev.part.0+0x1fa/0x610
[ 1914.919485]  ? pty_open+0x310/0x310
[ 1914.919932]  tty_init_dev+0x5b/0x80
[ 1914.920378]  ptmx_open+0x116/0x370
[ 1914.920837]  ? pty_open+0x310/0x310
[ 1914.921281]  chrdev_open+0x268/0x6e0
[ 1914.921736]  ? __unregister_chrdev+0x110/0x110
[ 1914.922295]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1914.922875]  do_dentry_open+0x4b7/0x1090
[ 1914.923370]  ? __unregister_chrdev+0x110/0x110
[ 1914.923926]  ? may_open+0x1e4/0x400
[ 1914.924372]  path_openat+0x19ba/0x2770
[ 1914.924885]  ? path_lookupat+0x860/0x860
[ 1914.925383]  ? lock_acquire+0x197/0x470
[ 1914.925873]  ? find_held_lock+0x2c/0x110
[ 1914.926378]  do_filp_open+0x190/0x3e0
[ 1914.926841]  ? may_open_dev+0xf0/0xf0
[ 1914.927316]  ? do_raw_spin_lock+0x121/0x260
[ 1914.927844]  ? rwlock_bug.part.0+0x90/0x90
[ 1914.928366]  ? _raw_spin_unlock+0x1a/0x30
[ 1914.928902]  ? alloc_fd+0x2e7/0x670
[ 1914.929355]  do_sys_openat2+0x171/0x4d0
[ 1914.929843]  ? build_open_flags+0x6f0/0x6f0
[ 1914.930367]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1914.930957]  ? wait_for_completion_io+0x270/0x270
[ 1914.931550]  __x64_sys_openat+0x13f/0x1f0
[ 1914.932056]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1914.932595]  ? ksys_write+0x1a9/0x260
[ 1914.933075]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1914.933714]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1914.934345]  do_syscall_64+0x33/0x40
[ 1914.934799]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1914.935424] RIP: 0033:0x7f7574521b19
[ 1914.935885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1914.938171] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1914.939100] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1914.939968] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1914.940906] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1914.941776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1914.942645] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
20:11:28 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x18)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:11:28 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 24)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:11:28 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 50)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:11:28 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 91)

20:11:28 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x417, 0x0, 0x0)

20:11:28 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
r4 = syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000002a40)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x6, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x18}, 0x1)
syz_io_uring_submit(r5, r2, &(0x7f0000000280)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1}, 0x70)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
ioctl$FS_IOC_ENABLE_VERITY(r4, 0x40806685, &(0x7f0000000340)={0x1, 0x3, 0x1000, 0x0, &(0x7f0000000300), 0x1000, 0x0, &(0x7f0000000500)="cff4e1785a0d6fbdbc62305fbd4cfae21f93e053386862dfbabac0014f4a1618433c418ebf721b7c92d6c4d75b79e30660e73d60a823983ac8abdea174ee136ffbf1f97fe9cc0907249ddc746671aa0ad7995453b2124d75f9fbf0691f013f92c232f96b690a1b9ce58cf05cb1ad5fa55a740649829fc28d0902198a6612afbfed5fa0e30ffa835955d4e7c16feca2a3bc5af384cceddcd6e61af1cb3a1cd3024f895838b6fd8ddb55cd564f052015b3e1ad5f0acc3c694dc1fdfbf6dc7ec667450372208cbafaf4495c13b52c02d2e4f95548e472a9230dff4b4df99684880a328f58fbb3480eca1e235efdca4459117556113182565a805b6ef7b812acd45cffc2824a8d61c0a59ed9c9de36e3aa20a02fea968828e530425f453a8ffbacca19d5c23fcdf78df05fc6d3d82fc9ddaa3c98e397f4f0effcfde43457eb6e3333e2e5d8c20005c456a56e2d8f3befa512b96b4aaa79e3beb826cdc10059cab23739757d7949729cf84fca03563deda7ca4e509c6a1a6f2f34d0121b4b555608d34ad0eab358495916d530876c4933dc90519a6166c3f369fe39297d3957d1327e38568b1d5122f28921d283c60ea68761d6dfb1e4032cb382e5e5514636a87808b5717fb13b735deac3e5734dd09dedf981d834e5063b4729d526c3ed71d7dcd73ec28bb871541f8d3add01d6206992f294a3e51b51682921190bb5a1dcfb3ad70afada3d663be82935af5fd33f21a6ad2afa14fa4077a92f71e07ff30addf0b1d84c404576ca777aa2bed9b9052d42df5cfaa343649a7acc4c154f76b06e9a3ad1c58cae4d13affa1397518ea34633761f297d34aeb81aa1f08789c25868dd74079be4a5b8e9a07b1a572d7f4d53add1ca1ac8b5e2ac5157b310cc53a05305ea078fdf5bdd36ebc20b94e977c5385d69bb883192d6f08422c2b3d2fc5a5da2d7824a1a4a32ccfa8e9c169de4aa01dc0a178ca93e309e97ec84123ca3c84e394a93d04a1aef1ec8980fd54202f3954ed37dbcba0150fd0066ecdd70d960805ddb5822bc43df89959dfdbde732d9137a9832324657a54d2a06a72ca83bf2f46be27becdc9c19df437eee6f5bbac1f2ae1b846904a67ad088aa2630a63c520688ebb09c1ba0b53b6bf38c8495abf6ddc2e9072030b2ee99d776c6f0b7703e8e37756eb4f6578b736599efaa121abb09800f91e2f70e05a7930a680a4f643b78a33238a2730b956e5db97bba65c0a502887ea4f2316dcd9d19e3da6092bc7bf91ec7a78d5996ad6f9cb11d87e8fb1c7dfe4283ea26d34ccc32e9a63fecd4e5f96c404f934a32989b462991ef430eebff705c42cdf5942ef085215c5d16f7af5d38167f9506f3b0cc96e7b7886979906f19879b2f3a65891e5399ab2a219758fc6999a4676f134baa14d5977449ba0c3c11ae75b9887f364988cec67bf63e040b92b3eebe4f987a98d64bd92bf2b7e27a5542c22cd1dfc8cc61286340b591633afb648c041b401ad8ba4b90997e77da3fff0ac4e58221dbfc6441194f720782d2b501ac92d8a1060e261253c7c6d8dad180cb1853d047c0b5947ea4a44cef15f5e18a096b205d49edd0c9bac8de8f85e125cd2c4c9cb4833f9ecf9afbad709e96b360cae437a7374418bca1b41a97e9bdd87ac14bd0bd30283ce9c66dfe996ab6b8cf070f9973e7fbc64681f8ce901b186f8c69cdc7f9eab33c37b01ab29b76c97477f72773ad7dce6c9f7889dc634a5c2f0330484be9a002244af783dc09cd955a20167a8b189b75e05e2e94a1e6d0b6652521d6fa4603cfccd6896970a318af1394f99004ba4c31d724e5645fa140e015aa4098fc7f3611845b5e15cebb061bc5e9120c47c0fd916570fea642a927b10e782047056b3e1a3ea7280073def7371a582c812862ab709a61fe01814b1bfd6ae733f3e97def3015ce3efc03b9cc46b3fbb8f4f0ea27033483ee005f0ee2c41065f40e129a2ed197f6fa610430950ecdd66a48ed52efef322a5330a6a34d6080ba81fa9726410ebbdeac592459252132472fb7a25c3095c12c94d887b9a3eac64ab2ff1d9e1a7a052f50d15c0908be4aa82eddd95d68486db8f116da579eff4818692994404b96b146000a45585d6923d69189def8593cb341d1e07ef887cbd7de0a3c4dd8e4ce5f879e1b6986df3df6b5b86b0892e14af85dc6cc775ca2890c5661ee2432abd1523482fb5b0efe78f6953f468bad4ccdf83be4c78e5e2a20a360184d72d0de502a109a1f3d9ba5914bb2df8f5a511553efd61b71bb801b08e59012b5005fab343f60ddf5408557adb159a6838b6316c67ceefa31b4e5332288752889d4b8b6882c97c3a391c249dd299d690f4e2c73e81c279078d8df6f951991bbec6ac94f53304c7ac537297502612c4d599c9d3568210ea67231ff2aa5ed4b9bffff6212c51366d1e0c89daf8475cfb6d25d668ceb44c0f82e60e2eb2d8c77f5cb915c9c071707b39f8678ee525f12fda1d0cb85645353fa1aa22e1535e4e52162470f20952679aed079e9af409bdfeda3b034d3ab14e07f6cab849e4ec95f828065f3461e82a9787868ee261700037ed49ca1011771cbbd5f5fa66b2d7c26dd8b2f2caf7017f0bec0d15cf48540b9daa4650e46bfaf59a53c050e510bb66c89dad65e20e229793f8c14d3302f9cdf20166f4d90835924c53c9680666d58f1f1a203c1759a21db03c9ecbb01f80b9b826f4ad2491cf92a3e054db97457554ae46f7a8d47b18f45280357d0168aed4512e44e1539e9b52f4dfb115327e0ea951f37d78bce4a375f0ba92cfe45dda1a6408bea26664648026630eeaa62c0e969dec86d8b3824e23e21fd5ff6f0b803f6bfe21d814bcf326b375a42d4d96e0ce10d94c711da4043ffac1f73c750487c139cc4be78a4e2c1ba5236891cd4758a4edf0b42cbafd9db65b1dc76b443e9f7f83d5bddcd3cb3d674bf53cf06ed6e2f6a2c1215e838b35e72d503b7bc0f8f030db0bb83896862b2e9d03db95827cc634bf6287c4adca5464d740fc2e54b48c06fd8916cb7a9183fef45b7e9b75c3c86fecd44491b1fe3b8dc20204a95f95c0297377d4f4f8f6ed506a2922717dba45924e8f4402923742d94497ba1f24abf0a35da3fc090e03787abb6e48473d8fc1a00fb1343fa4a794a92248d816901d8399018ab9aed514b383191bf8e5f20cd53ca301443a0ae93de0ba5f7f337878c5d53792df5e074554c72b7f9dcce8b0a49bfe229ab6cd57c1bac316f83b8d63a9b5a3aaa32fc7afc4fe972de1e9e6d3d9317139b27d03db848929a1ad439a0494540213d72ceb6f39ad39412be62e2cf60ecc3cfb87ad454ba891346cbbe584d812d0bfdde9a4c8b06598c7832cdf1f374256ff8cba41e8edb61b949266998c3ac51efa65c50f5f186c6ba2093613414a743ef3d85b2d52bc1b767aea50fce5d3f04d36ae64a3290ae753b7fc6b6c27583e02267a9ffc0a65e94c674ee1c9d1b5e33c84e0287e8d2ced2d04f89f3fe002c930fb09de0720ab0c737cbb7b4a275db3b176a61d47ea49e0fcfbb0ee7d759c92a331b6c108773273cfa7d7a90582b69d5397ae68dbda8bd1c11f2b0688fddd642c2f4ba3d92039a74760fc9f25979505ca3313fe5558bab69a743c2ab98c1d0ba9112350147b15b5b939fdc647b0ee3d3a2fdc28d1686baaec389c537f989b323098ec8aaf29832bbd0f308af1ae6c620cfe150034a07c0f1e3561aa52c652e8ec1d30fb9db908bb379003f82156e0711e92e706f86e0482e974365fbde23118b5c31710c2ad05738a331d4d74a2b0ce59ecd0bc166aba0810a37b4927dfec86c16e8521efd91028478f23bd545c683339ca6f0126172902fd180cc16e80067545b4598df2d2f2042e19334d53bbe6f04247c6746f9b2f9f67e218214f02874a980608580b73680be2f1a500744daf001a8836bfb7e5d79cacf22955534b15052ca7aa30902ea3c0797b3e5fb289912b08183859a741aaf5158fa82a2ef73794b6fe72c8a5fa01ed0f729adc383d151e8652cff864d80e2ed1b22fefc32cfd813e8e69e7120f49160a6b6c14cc357dd2d51fe6f3c003f0be9b4acc293b964a5a94a7b4d267f65b3f160670ef0e0c7bf6938f4d089b52b79fe91979eadbfa9861aad10ffae28ce73e3486c7d0645246332c8ce002800c4a4eb4a6193b7a6ab17d0b45648e0152035b3c7d6f50de0fe2bd46af5839fa903ea8ffcaac02dc9b9ebf32c674a0fa13dd34a78f8e965da945156fbb8968ed1b3f6db6375f468e9e3025f42aa2f3c72ba6a61a424305172302d481466aab81165abbb3df5d0137dc7ba136951822ba2ddf1403ebe3e327192e518a0cd028bdcd0bc0d5721a6e3fb542c22601f64f7a424e2e71c10af2518cbaf90b5d0bbaa2efdafed8b0511841c4dfc8503d23c87fa74bcdc6b96b257289ba4128ecf745b19de11a353571f502a999a9f210b3c02409bb382f87e9f1c0d09c048da8960a3b12bcf5b352312a6b2b082517b6ef6173a11860d9d6dfc1abca37d28176f9e1635e37d366c0da37790f9476dc19179f3c0327f75df5311ae9d6dcbe7b1055a92e7d5121909e17c22730e8deda779ae5f2f35b763903c2cd69cd0cbd5219dd7d0f0ea6b6b8edef3c888ec20ad886dc4c15e28ec990d384c3f93f6c8a02c4d6b95e8123b759959b7ae4f3a9c44316684a74914e924ae79cb16da01fb56b95a64e39e330cc3c00ad52733d8e7415e39ac2fbbfd139ea08bf6e1a26b59519ec7665daa9e1b61089f259f4e8d752ff03b5173e1aebbdf07dc0c555e0d4fa4096fcebbe5733e8cff00ece60978ed6e8d31d8764556e6a956385247ea3d491b23a6a6b01defec0c7d7b218f8f865430300614c043cffbc684e2e696770498e87d7af543971dfea22f9c692ee995b7650fb6e0be0ac74324ed2e5a67ce6d26996c31ce7932cc1c3422a2e7cb1342161662ff2bdaf89ac7738017d25ce93377c6e17803638ba93348fb2fe9ec7f22eb78e5204bff9f63cdb3d80be439ecec1ee87c8995c586031336fba0eff3eaabc77df7752d81b51ec6024b8f6797ad7a0e0639b4062eab33a3e6ce6ea794d0c5f427be046a0520727e85bbaa70afbc842fe2f9f5c77de2b1d8761495f4e0c5a4ca9bfbce04d8171400bf8538f097cf7bd589959bf362d98d69f9d4d8ef8a1d1920b9f58b9a7198d7b37c4b3d335d79ef918d3c8fbdb54602633dcafd1c4e9c165faa3b879e4bd5ffd6091d2ca03a5b3e170a01ebb142bdf3bd87cb966702e474899cbab902efb754fa6938e1f492c98ea845348311fa9d1c6a977b0c7e8501690d48a4a8340f14e64e15b3c2bef4d4d38bf0a0c3a2dd06c7f6fd9693be840c6c84f235d78f3d7512b6d0b5f74aa590fc4b03e7833680e31d993ac17b8274323459e07af57c56f80578f38a0c4f8c60b692788252071557c837cfe4c8b1daa63b67b680e814366362973422fb4443659b9a16c495d55aef8cdd0c63af72f99bdc32b850beb626a5ce4ae5ae61d488d78e45f7e86763eceb538999193de640d16cbf06f01a433d76c2b11872a0eec98b1870da135a6f39a4a59a7487206566366030f0c7e8be78b259a104c9c1dfbfb9f568fe71a1e448eaf061dfa942cbeec7d06d0745525f92f078d2c563d8ebc60f3318920b8874e862f6e1f96a24c8fd0ab6fd35770df9565083c5c1d0ce5468c24a8530ef4b5851ff01f3cb91d5514e7b2904bbf7b483e6ad018d7be07c2a3688a554016d2a1b275b73b4e66d1f25333b47625ab9c8424148274187691ce351e159cdc5"})
syz_io_uring_submit(r7, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)
syz_io_uring_setup(0x5dd2, &(0x7f0000000100)={0x0, 0x593f, 0x8, 0x2, 0x228}, &(0x7f0000ff3000/0xd000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000200)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000240)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}, 0x3f)

[ 1914.975237] FAULT_INJECTION: forcing a failure.
[ 1914.975237] name failslab, interval 1, probability 0, space 0, times 0
[ 1914.992686] CPU: 1 PID: 9898 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1915.000567] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1915.040539] Call Trace:
20:11:28 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x500, 0x0, 0x0)

[ 1915.056693]  dump_stack+0x107/0x167
[ 1915.084642]  should_fail.cold+0x5/0xa
[ 1915.100708]  ? create_object.isra.0+0x3a/0xa20
[ 1915.104632]  should_failslab+0x5/0x20
[ 1915.105101]  kmem_cache_alloc+0x5b/0x310
[ 1915.112817]  create_object.isra.0+0x3a/0xa20
[ 1915.140566]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1915.156584]  kmem_cache_alloc+0x159/0x310
[ 1915.172883]  __kernfs_new_node+0xd4/0x860
[ 1915.173397]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1915.173978]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1915.174565]  ? wait_for_completion_io+0x270/0x270
[ 1915.175151]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1915.175789]  kernfs_new_node+0x18d/0x250
[ 1915.176289]  __kernfs_create_file+0x51/0x350
[ 1915.176841]  sysfs_add_file_mode_ns+0x221/0x560
[ 1915.177413]  internal_create_group+0x324/0xb30
[ 1915.177972]  ? sysfs_remove_group+0x170/0x170
[ 1915.178520]  ? kernfs_add_one+0x124/0x4d0
[ 1915.179026]  ? kernfs_create_link+0x1b7/0x230
[ 1915.179578]  internal_create_groups.part.0+0x90/0x140
[ 1915.180203]  sysfs_create_groups+0x25/0x50
[ 1915.180730]  device_add+0x7a9/0x1c50
[ 1915.181186]  ? lockdep_init_map_type+0x2c7/0x780
[ 1915.181759]  ? devlink_add_symlinks+0x970/0x970
[ 1915.182334]  netdev_register_kobject+0x17a/0x3b0
[ 1915.182914]  register_netdevice+0xd6e/0x1480
[ 1915.183450]  ? netdev_change_features+0xb0/0xb0
[ 1915.184024]  __tun_chr_ioctl+0x2156/0x3f60
[ 1915.184553]  ? lock_downgrade+0x6d0/0x6d0
[ 1915.185062]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1915.185645]  ? tun_chr_poll+0x700/0x700
[ 1915.186127]  ? wait_for_completion_io+0x270/0x270
[ 1915.186717]  ? selinux_file_ioctl+0xb6/0x270
[ 1915.187252]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1915.187798]  __x64_sys_ioctl+0x19a/0x210
[ 1915.188291]  do_syscall_64+0x33/0x40
[ 1915.188750]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1915.189379] RIP: 0033:0x7f7955930b19
[ 1915.189834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1915.192064] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1915.192996] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1915.193859] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1915.194721] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1915.195583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1915.196445] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:11:28 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

[ 1915.287501] FAULT_INJECTION: forcing a failure.
[ 1915.287501] name failslab, interval 1, probability 0, space 0, times 0
[ 1915.289024] CPU: 1 PID: 9897 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1915.289853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1915.290862] Call Trace:
[ 1915.291193]  dump_stack+0x107/0x167
[ 1915.291639]  should_fail.cold+0x5/0xa
20:11:28 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000100)=0xffffffffffffffff, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x3f)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:11:28 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x600, 0x0, 0x0)

20:11:28 executing program 0:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f0000000280)=0xffffffff)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0)
timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000440)={{0x77359400}}, &(0x7f00000004c0))
timer_gettime(r0, &(0x7f00000002c0))
timer_create(0x7, 0x0, &(0x7f0000000040)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000400)={{}, {0x77359400}}, 0x0)
timer_settime(r1, 0x1, &(0x7f0000000080)={{0x0, 0x3938700}}, &(0x7f0000000100))
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000020301030000008000000008000000000800054000000002"], 0x1c}, 0x1, 0x0, 0x0, 0x4004894}, 0x4000004)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="14800400", @ANYRES16, @ANYBLOB="2f77030000040000000001000000"], 0x14}}, 0x0)
timer_gettime(0x0, &(0x7f0000000340))
timer_create(0x0, 0x0, &(0x7f0000000040)=<r3=>0x0)
timer_settime(r3, 0x0, &(0x7f0000000300)={{}, {0x77359400}}, &(0x7f0000000380))
clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58)

[ 1915.292109]  ? __kernfs_new_node+0xd4/0x860
[ 1915.300690]  should_failslab+0x5/0x20
[ 1915.301155]  kmem_cache_alloc+0x5b/0x310
[ 1915.301653]  __kernfs_new_node+0xd4/0x860
[ 1915.302159]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1915.312939]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1915.313528]  ? wait_for_completion_io+0x270/0x270
[ 1915.314114]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1915.314754]  kernfs_new_node+0x18d/0x250
[ 1915.315250]  __kernfs_create_file+0x51/0x350
[ 1915.315790]  sysfs_add_file_mode_ns+0x221/0x560
[ 1915.316360]  internal_create_group+0x324/0xb30
[ 1915.316932]  ? sysfs_remove_group+0x170/0x170
[ 1915.317476]  ? kernfs_add_one+0x124/0x4d0
[ 1915.317981]  ? kernfs_create_link+0x1b7/0x230
[ 1915.318532]  internal_create_groups.part.0+0x90/0x140
[ 1915.319161]  sysfs_create_groups+0x25/0x50
[ 1915.319674]  device_add+0x7a9/0x1c50
[ 1915.320134]  ? lockdep_init_map_type+0x2c7/0x780
[ 1915.320721]  ? devlink_add_symlinks+0x970/0x970
[ 1915.321293]  netdev_register_kobject+0x17a/0x3b0
[ 1915.321872]  register_netdevice+0xd6e/0x1480
[ 1915.322409]  ? netdev_change_features+0xb0/0xb0
[ 1915.322981]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1915.323512]  __tun_chr_ioctl+0x2156/0x3f60
[ 1915.324026]  ? lock_downgrade+0x6d0/0x6d0
[ 1915.324537]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1915.325130]  ? tun_chr_poll+0x700/0x700
[ 1915.325614]  ? wait_for_completion_io+0x270/0x270
[ 1915.326207]  ? selinux_file_ioctl+0xb6/0x270
[ 1915.326744]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1915.327291]  __x64_sys_ioctl+0x19a/0x210
[ 1915.327785]  do_syscall_64+0x33/0x40
[ 1915.328237]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1915.328870] RIP: 0033:0x7fc68ced6b19
[ 1915.329323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1915.331552] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1915.332478] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1915.333354] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1915.334215] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1915.335074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1915.335933] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:11:28 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1704, 0x0, 0x0)

20:11:28 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x1, 0x1, 0x3, 0x258}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000100), 0x4)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:11:28 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 25)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:11:28 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x3e)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1915.472339] FAULT_INJECTION: forcing a failure.
[ 1915.472339] name failslab, interval 1, probability 0, space 0, times 0
[ 1915.473890] CPU: 0 PID: 9927 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1915.474728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1915.475740] Call Trace:
[ 1915.476070]  dump_stack+0x107/0x167
[ 1915.476518]  should_fail.cold+0x5/0xa
[ 1915.477009]  ? __vmalloc_node_range+0x7a2/0x9e0
[ 1915.477582]  should_failslab+0x5/0x20
[ 1915.478050]  __kmalloc_node+0x76/0x420
[ 1915.478532]  __vmalloc_node_range+0x7a2/0x9e0
[ 1915.479086]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1915.479699]  ? __vmalloc_node+0x110/0x110
[ 1915.480207]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1915.480835]  ? n_tty_open+0x16/0x170
[ 1915.481290]  __vmalloc_node+0xb5/0x110
[ 1915.481763]  ? n_tty_open+0x16/0x170
[ 1915.482223]  n_tty_open+0x16/0x170
[ 1915.482656]  ? n_tty_set_termios+0x1010/0x1010
[ 1915.483213]  tty_ldisc_open+0xa2/0x120
[ 1915.483692]  tty_ldisc_setup+0x43/0x100
[ 1915.484179]  tty_init_dev.part.0+0x1fa/0x610
[ 1915.484735]  ? pty_open+0x310/0x310
[ 1915.485178]  tty_init_dev+0x5b/0x80
[ 1915.485625]  ptmx_open+0x116/0x370
[ 1915.486061]  ? pty_open+0x310/0x310
[ 1915.486507]  chrdev_open+0x268/0x6e0
[ 1915.486965]  ? __unregister_chrdev+0x110/0x110
[ 1915.487526]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1915.488117]  do_dentry_open+0x4b7/0x1090
[ 1915.488628]  ? __unregister_chrdev+0x110/0x110
[ 1915.489187]  ? may_open+0x1e4/0x400
[ 1915.489633]  path_openat+0x19ba/0x2770
[ 1915.490119]  ? path_lookupat+0x860/0x860
[ 1915.490619]  ? lock_acquire+0x197/0x470
[ 1915.491108]  ? find_held_lock+0x2c/0x110
[ 1915.491613]  do_filp_open+0x190/0x3e0
[ 1915.492078]  ? may_open_dev+0xf0/0xf0
[ 1915.492570]  ? do_raw_spin_lock+0x121/0x260
[ 1915.493103]  ? rwlock_bug.part.0+0x90/0x90
[ 1915.493628]  ? _raw_spin_unlock+0x1a/0x30
[ 1915.494134]  ? alloc_fd+0x2e7/0x670
[ 1915.494590]  do_sys_openat2+0x171/0x4d0
[ 1915.495076]  ? build_open_flags+0x6f0/0x6f0
[ 1915.495604]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1915.496196]  ? wait_for_completion_io+0x270/0x270
[ 1915.496802]  __x64_sys_openat+0x13f/0x1f0
[ 1915.497308]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1915.497824]  ? ksys_write+0x1a9/0x260
[ 1915.498295]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1915.498937]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1915.499570]  do_syscall_64+0x33/0x40
[ 1915.500026]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1915.500690] RIP: 0033:0x7f7574521b19
[ 1915.501145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1915.503374] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1915.504300] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1915.505190] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1915.506058] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1915.506924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
20:11:28 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 51)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:11:28 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 92)

[ 1915.507792] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1915.509023] ptm ptm0: ldisc open failed (-12), clearing slot 0
[ 1915.571454] FAULT_INJECTION: forcing a failure.
[ 1915.571454] name failslab, interval 1, probability 0, space 0, times 0
[ 1915.572963] CPU: 0 PID: 9938 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1915.573793] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1915.574810] Call Trace:
[ 1915.575140]  dump_stack+0x107/0x167
[ 1915.575588]  should_fail.cold+0x5/0xa
[ 1915.576057]  ? __kernfs_new_node+0xd4/0x860
[ 1915.576601]  should_failslab+0x5/0x20
[ 1915.577074]  kmem_cache_alloc+0x5b/0x310
[ 1915.577577]  __kernfs_new_node+0xd4/0x860
[ 1915.578085]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1915.578669]  ? mark_held_locks+0x9e/0xe0
[ 1915.579174]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1915.579814]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1915.580471]  ? trace_hardirqs_on+0x5b/0x180
[ 1915.581015]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1915.581679]  kernfs_new_node+0x18d/0x250
[ 1915.582177]  __kernfs_create_file+0x51/0x350
[ 1915.582714]  sysfs_add_file_mode_ns+0x221/0x560
[ 1915.583285]  internal_create_group+0x324/0xb30
[ 1915.583846]  ? sysfs_remove_group+0x170/0x170
[ 1915.584393]  ? kernfs_add_one+0x124/0x4d0
[ 1915.584913]  ? kernfs_create_link+0x1b7/0x230
[ 1915.585463]  internal_create_groups.part.0+0x90/0x140
[ 1915.586092]  sysfs_create_groups+0x25/0x50
[ 1915.586610]  device_add+0x7a9/0x1c50
[ 1915.587088]  ? lockdep_init_map_type+0x2c7/0x780
[ 1915.587677]  ? devlink_add_symlinks+0x970/0x970
[ 1915.588253]  netdev_register_kobject+0x17a/0x3b0
[ 1915.588876]  register_netdevice+0xd6e/0x1480
[ 1915.589415]  ? netdev_change_features+0xb0/0xb0
[ 1915.589986]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1915.590520]  __tun_chr_ioctl+0x2156/0x3f60
[ 1915.591040]  ? lock_downgrade+0x6d0/0x6d0
[ 1915.591550]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1915.592137]  ? tun_chr_poll+0x700/0x700
[ 1915.592633]  ? wait_for_completion_io+0x270/0x270
[ 1915.593229]  ? selinux_file_ioctl+0xb6/0x270
[ 1915.593767]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1915.594317]  __x64_sys_ioctl+0x19a/0x210
[ 1915.594813]  do_syscall_64+0x33/0x40
[ 1915.595267]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1915.595911] RIP: 0033:0x7f7955930b19
[ 1915.596367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1915.598615] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1915.599539] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1915.600405] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1915.601302] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1915.602167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1915.603033] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:11:29 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x3602, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="30000000180001000000000000000049c356486a76b2ef5bc2916ffe1905d962d21e000a000000", @ANYRES32=0x0, @ANYBLOB="14000500fc0100"/20], 0x30}}, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
ioctl$sock_inet6_udp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000140))
sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000280)={0x32c, 0x0, 0x4, 0x70bd29, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}]}, @TIPC_NLA_MEDIA={0x78, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1ff}]}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x101}]}]}, @TIPC_NLA_NODE={0x1c0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0x54, 0x3, "8e663b63439abc420fab75be7a5e6bb53a7ecc2d1c57341c5b675f228a7a22720c842f280d32b12ad55a8a137ea712ea251dfc5a89554d07fed61f5eb960dbb060beed6d2860f218b4f95ead5e49ebbb"}, @TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "ff14980f40d5fb14a409875d8f1ea04e4679a72baa5572196881685d9f2b2f970b60"}}, @TIPC_NLA_NODE_ID={0xee, 0x3, "3395f4facf17585a675b1713384ae5f39419baa6148d31e70764db6b6bbb82ce07b56c3272c3c32e47fd6f8d70d25ff648764d44b864c72f6c46947fc9955dfcd65d38b59393ed98e8e1646aa123a9bcee1293b64ef3248834ce74ed040c1010cd3d97b13fa2078d5a06f29459a657ed9b65e8e58f03c1bab3e3d4a3a15b878dd38c15dc54b744cd8dc5d9481b4f436a9008443b1d31541798c835fd06a8b7b91ce7caaaf9d29646d7465ac33d380fba7b710e43327597a3bd52f2222739cfb3385029e5455789dc1a64254cc517cc5d85b8c01a44bc573bdb0a1794daf5275d045727b73e715990bafd"}, @TIPC_NLA_NODE_ID={0x12, 0x3, "1566568d1ce8396644dedcfd0511"}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x31}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffffffc}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2000000}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}]}, @TIPC_NLA_SOCK={0x38, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3ff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MEDIA={0x64, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1360}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x10000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}]}]}]}, 0x32c}, 0x1, 0x0, 0x0, 0x24040800}, 0x41010)

[ 1915.649664] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9942 comm=syz-executor.0
[ 1915.687875] FAULT_INJECTION: forcing a failure.
[ 1915.687875] name failslab, interval 1, probability 0, space 0, times 0
[ 1915.689418] CPU: 1 PID: 9940 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1915.690247] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1915.691252] Call Trace:
[ 1915.691581]  dump_stack+0x107/0x167
[ 1915.692026]  should_fail.cold+0x5/0xa
[ 1915.692493]  ? create_object.isra.0+0x3a/0xa20
[ 1915.693063]  should_failslab+0x5/0x20
[ 1915.693534]  kmem_cache_alloc+0x5b/0x310
[ 1915.694032]  create_object.isra.0+0x3a/0xa20
[ 1915.694567]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1915.695186]  kmem_cache_alloc+0x159/0x310
[ 1915.695697]  __kernfs_new_node+0xd4/0x860
[ 1915.696207]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1915.696805]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1915.697393]  ? wait_for_completion_io+0x270/0x270
[ 1915.697982]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1915.698624]  kernfs_new_node+0x18d/0x250
[ 1915.699122]  __kernfs_create_file+0x51/0x350
[ 1915.699661]  sysfs_add_file_mode_ns+0x221/0x560
[ 1915.700234]  internal_create_group+0x324/0xb30
[ 1915.700805]  ? sysfs_remove_group+0x170/0x170
[ 1915.701350]  ? kernfs_add_one+0x124/0x4d0
[ 1915.701859]  ? kernfs_create_link+0x1b7/0x230
[ 1915.702408]  internal_create_groups.part.0+0x90/0x140
[ 1915.703037]  sysfs_create_groups+0x25/0x50
[ 1915.703553]  device_add+0x7a9/0x1c50
[ 1915.704011]  ? lockdep_init_map_type+0x2c7/0x780
[ 1915.704597]  ? devlink_add_symlinks+0x970/0x970
[ 1915.705172]  netdev_register_kobject+0x17a/0x3b0
[ 1915.705753]  register_netdevice+0xd6e/0x1480
[ 1915.706291]  ? netdev_change_features+0xb0/0xb0
[ 1915.706859]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1915.707411]  __tun_chr_ioctl+0x2156/0x3f60
[ 1915.707927]  ? lock_downgrade+0x6d0/0x6d0
[ 1915.708431]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1915.709027]  ? tun_chr_poll+0x700/0x700
[ 1915.709514]  ? wait_for_completion_io+0x270/0x270
[ 1915.710108]  ? selinux_file_ioctl+0xb6/0x270
[ 1915.710646]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1915.711193]  __x64_sys_ioctl+0x19a/0x210
[ 1915.711687]  do_syscall_64+0x33/0x40
[ 1915.712140]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1915.712771] RIP: 0033:0x7fc68ced6b19
[ 1915.713223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1915.715450] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1915.716374] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1915.717256] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1915.718122] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1915.718986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1915.719850] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1929.195204] FAULT_INJECTION: forcing a failure.
[ 1929.195204] name failslab, interval 1, probability 0, space 0, times 0
[ 1929.198660] CPU: 1 PID: 9954 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1929.200611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1929.203001] Call Trace:
[ 1929.203752]  dump_stack+0x107/0x167
[ 1929.204787]  should_fail.cold+0x5/0xa
[ 1929.205885]  ? create_object.isra.0+0x3a/0xa20
[ 1929.207193]  should_failslab+0x5/0x20
[ 1929.208283]  kmem_cache_alloc+0x5b/0x310
[ 1929.209453]  create_object.isra.0+0x3a/0xa20
[ 1929.210706]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1929.212159]  kmem_cache_alloc+0x159/0x310
[ 1929.213359]  __kernfs_new_node+0xd4/0x860
[ 1929.214553]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1929.215907]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1929.217302]  ? lock_is_held_type+0x2c/0x110
[ 1929.218534]  ? wait_for_completion_io+0x270/0x270
[ 1929.219915]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1929.221442]  kernfs_new_node+0x18d/0x250
[ 1929.222601]  __kernfs_create_file+0x51/0x350
[ 1929.223857]  sysfs_add_file_mode_ns+0x221/0x560
[ 1929.225205]  internal_create_group+0x324/0xb30
[ 1929.226511]  ? sysfs_remove_group+0x170/0x170
[ 1929.227794]  ? kernfs_add_one+0x124/0x4d0
[ 1929.228975]  ? kernfs_create_link+0x1b7/0x230
[ 1929.234272]  internal_create_groups.part.0+0x90/0x140
[ 1929.234985]  sysfs_create_groups+0x25/0x50
[ 1929.235564]  device_add+0x7a9/0x1c50
[ 1929.236079]  ? lockdep_init_map_type+0x2c7/0x780
[ 1929.236731]  ? devlink_add_symlinks+0x970/0x970
[ 1929.237396]  netdev_register_kobject+0x17a/0x3b0
[ 1929.238051]  register_netdevice+0xd6e/0x1480
[ 1929.238658]  ? netdev_change_features+0xb0/0xb0
[ 1929.239295]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1929.239891]  __tun_chr_ioctl+0x2156/0x3f60
[ 1929.240470]  ? lock_downgrade+0x6d0/0x6d0
[ 1929.245670]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1929.246291]  ? tun_chr_poll+0x700/0x700
[ 1929.246797]  ? wait_for_completion_io+0x270/0x270
[ 1929.247467]  ? selinux_file_ioctl+0xb6/0x270
[ 1929.248065]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1929.248684]  __x64_sys_ioctl+0x19a/0x210
[ 1929.249259]  do_syscall_64+0x33/0x40
[ 1929.249767]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1929.249913] FAULT_INJECTION: forcing a failure.
[ 1929.249913] name failslab, interval 1, probability 0, space 0, times 0
[ 1929.250469] RIP: 0033:0x7f7955930b19
[ 1929.250486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1929.250498] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1929.257874] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1929.258735] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1929.259601] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1929.260459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1929.261373] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1929.262276] CPU: 0 PID: 9966 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1929.263119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1929.264163] Call Trace:
[ 1929.264490]  dump_stack+0x107/0x167
[ 1929.264935]  should_fail.cold+0x5/0xa
[ 1929.265420]  ? create_object.isra.0+0x3a/0xa20
[ 1929.266004]  should_failslab+0x5/0x20
[ 1929.266484]  kmem_cache_alloc+0x5b/0x310
[ 1929.266983]  create_object.isra.0+0x3a/0xa20
[ 1929.267521]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1929.268149]  __kmalloc_node+0x1ae/0x420
[ 1929.268644]  __vmalloc_node_range+0x7a2/0x9e0
[ 1929.269210]  ? __ldsem_down_write_nested+0xf6/0x7e0
[ 1929.269821]  ? __vmalloc_node+0x110/0x110
[ 1929.270327]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1929.270938]  ? n_tty_open+0x16/0x170
[ 1929.271392]  __vmalloc_node+0xb5/0x110
[ 1929.271864]  ? n_tty_open+0x16/0x170
[ 1929.272321]  n_tty_open+0x16/0x170
[ 1929.272753]  ? n_tty_set_termios+0x1010/0x1010
[ 1929.273323]  tty_ldisc_open+0xa2/0x120
[ 1929.273798]  tty_ldisc_setup+0x43/0x100
[ 1929.274284]  tty_init_dev.part.0+0x1fa/0x610
[ 1929.274821]  ? pty_open+0x310/0x310
[ 1929.275264]  tty_init_dev+0x5b/0x80
[ 1929.275709]  ptmx_open+0x116/0x370
[ 1929.276144]  ? pty_open+0x310/0x310
[ 1929.276588]  chrdev_open+0x268/0x6e0
[ 1929.277079]  ? __unregister_chrdev+0x110/0x110
[ 1929.277645]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1929.285055]  do_dentry_open+0x4b7/0x1090
[ 1929.285559]  ? __unregister_chrdev+0x110/0x110
[ 1929.286112]  ? may_open+0x1e4/0x400
[ 1929.286556]  path_openat+0x19ba/0x2770
[ 1929.287036]  ? path_lookupat+0x860/0x860
[ 1929.287537]  ? lock_acquire+0x197/0x470
[ 1929.288019]  ? find_held_lock+0x2c/0x110
[ 1929.288522]  do_filp_open+0x190/0x3e0
[ 1929.288983]  ? may_open_dev+0xf0/0xf0
[ 1929.289532]  ? do_raw_spin_lock+0x121/0x260
[ 1929.293217]  ? rwlock_bug.part.0+0x90/0x90
[ 1929.293758]  ? _raw_spin_unlock+0x1a/0x30
[ 1929.294281]  ? alloc_fd+0x2e7/0x670
[ 1929.294801]  do_sys_openat2+0x171/0x4d0
[ 1929.295362]  ? build_open_flags+0x6f0/0x6f0
[ 1929.295965]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1929.296655]  ? wait_for_completion_io+0x270/0x270
[ 1929.297273]  __x64_sys_openat+0x13f/0x1f0
[ 1929.297785]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1929.298325]  ? ksys_write+0x1a9/0x260
[ 1929.298794]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1929.299453]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1929.300078]  do_syscall_64+0x33/0x40
[ 1929.300553]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1929.301181] RIP: 0033:0x7f7574521b19
[ 1929.301656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1929.303926] RSP: 002b:00007f7571a76188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1929.304867] RAX: ffffffffffffffda RBX: 00007f7574635020 RCX: 00007f7574521b19
[ 1929.305776] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1929.306670] RBP: 00007f7571a761d0 R08: 0000000000000000 R09: 0000000000000000
[ 1929.307562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1929.308444] R13: 00007fffd255ec7f R14: 00007f7571a76300 R15: 0000000000022000
20:11:42 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 52)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:11:42 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x56, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, @perf_config_ext={0x0, 0x9}, 0x0, 0x0, 0x0, 0x4, 0xc1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
r2 = openat(r1, &(0x7f0000000100)='./file1\x00', 0x12000, 0x1a3)
lseek(0xffffffffffffffff, 0x0, 0x4)
r3 = fork()
r4 = gettid()
kcmp(r3, r4, 0x3, 0xffffffffffffffff, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x81, 0x3f, 0x62, 0x0, 0x8, 0x1044, 0x4, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, @perf_config_ext={0x100, 0xcc}, 0x800, 0x5, 0x9, 0x6, 0x6665, 0x1, 0x4, 0x0, 0x101, 0x0, 0xfffffffffffffffe}, r4, 0xb, r0, 0x18)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000001600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYRES16=r1, @ANYRESHEX=r6, @ANYBLOB="2c6d73697a653d3078303030300530303030305bc9603d01d03830303030332c00"])
read(r6, &(0x7f0000000200)=""/217, 0xd9)
r7 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="05972b7d732b66642c729e7966646e6f3d", @ANYRESHEX=r8, @ANYBLOB=',wfdno=', @ANYRESHEX=r9, @ANYBLOB=',msize=0x0000000000800003,\x00'])
r10 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000140)=0xe, 0x800)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r6, 0xc0c89425, &(0x7f0000000500)={"f0c71f060fdf86d1f2f981faac40f351", <r11=>0x0, 0x0, {0x0, 0x4}, {0x3009, 0x401}, 0xfffffffffffffe00, [0x8001, 0x3, 0x80ffffffffc, 0x6, 0xf507, 0x1, 0x5, 0xf1a, 0x3, 0xe1, 0x1000000000000000, 0x5, 0x80000002, 0xb, 0x0, 0x9]})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r10, 0x5000943f, &(0x7f0000000600)={{r0}, r11, 0x8, @unused=[0x1, 0x7, 0x7, 0x10001], @subvolid=0xffff})
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r9, 0xf502, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r6, 0xc018937d, &(0x7f0000000400)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r7, @ANYBLOB="08000100eb00b601e56b000000000000"])
ioctl$EXT4_IOC_GROUP_EXTEND(r2, 0x40086607, &(0x7f00000004c0))

20:11:42 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:11:42 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x48)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:11:42 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x2000)

20:11:42 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r4 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r7}}, 0x0)
r8 = syz_io_uring_setup(0x3ca0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x3, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r11}}, 0x1)
syz_io_uring_setup(0x2b4b, &(0x7f0000000380)={0x0, 0x369b, 0x10, 0x0, 0x3cb}, &(0x7f00006bb000/0x2000)=nil, &(0x7f00007b0000/0x3000)=nil, &(0x7f0000000140)=<r12=>0x0, &(0x7f0000000240))
r13 = fsmount(0xffffffffffffffff, 0x0, 0x80)
r14 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r15=>0x0, &(0x7f0000000280)=<r16=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000340)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x2)
r17 = io_uring_register$IORING_REGISTER_PERSONALITY(r14, 0x9, 0x0, 0x0)
syz_io_uring_submit(r15, r16, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r17}}, 0x0)
syz_io_uring_submit(r12, r2, &(0x7f00000002c0)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x5, 0x0, r13, &(0x7f0000000300)={0x20000004}, r8, 0x3, 0x0, 0x1, {0x0, r17}}, 0x7ffffffe)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:11:42 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 93)

20:11:42 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 26)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

[ 1929.334078] FAULT_INJECTION: forcing a failure.
[ 1929.334078] name failslab, interval 1, probability 0, space 0, times 0
[ 1929.335680] CPU: 0 PID: 9963 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1929.336553] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1929.341665] Call Trace:
[ 1929.342007]  dump_stack+0x107/0x167
[ 1929.342480]  should_fail.cold+0x5/0xa
[ 1929.342946]  ? __kernfs_new_node+0xd4/0x860
[ 1929.343502]  should_failslab+0x5/0x20
[ 1929.343963]  kmem_cache_alloc+0x5b/0x310
[ 1929.344485]  __kernfs_new_node+0xd4/0x860
[ 1929.344990]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1929.345623]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1929.346222]  ? wait_for_completion_io+0x270/0x270
[ 1929.346853]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1929.347496]  kernfs_new_node+0x18d/0x250
[ 1929.348014]  __kernfs_create_file+0x51/0x350
[ 1929.348573]  sysfs_add_file_mode_ns+0x221/0x560
[ 1929.349149]  internal_create_group+0x324/0xb30
[ 1929.349708]  ? sysfs_remove_group+0x170/0x170
[ 1929.350252]  ? kernfs_add_one+0x124/0x4d0
[ 1929.350757]  ? kernfs_create_link+0x1b7/0x230
[ 1929.351305]  internal_create_groups.part.0+0x90/0x140
[ 1929.351930]  sysfs_create_groups+0x25/0x50
[ 1929.352447]  device_add+0x7a9/0x1c50
[ 1929.352903]  ? lockdep_init_map_type+0x2c7/0x780
[ 1929.353553]  ? devlink_add_symlinks+0x970/0x970
[ 1929.354134]  netdev_register_kobject+0x17a/0x3b0
[ 1929.354724]  register_netdevice+0xd6e/0x1480
[ 1929.355281]  ? netdev_change_features+0xb0/0xb0
[ 1929.355848]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1929.356401]  __tun_chr_ioctl+0x2156/0x3f60
[ 1929.356916]  ? lock_downgrade+0x6d0/0x6d0
[ 1929.357436]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1929.358021]  ? tun_chr_poll+0x700/0x700
[ 1929.358507]  ? wait_for_completion_io+0x270/0x270
[ 1929.359100]  ? selinux_file_ioctl+0xb6/0x270
[ 1929.359641]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1929.360193]  __x64_sys_ioctl+0x19a/0x210
[ 1929.360689]  do_syscall_64+0x33/0x40
[ 1929.361154]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1929.361775] RIP: 0033:0x7fc68ced6b19
[ 1929.362229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1929.364459] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1929.365448] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1929.366316] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1929.367187] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1929.368052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1929.368919] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:11:42 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000700)=[{{0x0, 0x0, &(0x7f0000000380)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], 0x2}}], 0x1, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0x2, 0x4e23, 0x0, @empty}, 0x80, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080)
pipe(&(0x7f0000000100))

20:11:42 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 94)

20:11:42 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 27)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:11:42 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 53)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:11:42 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x4c)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:11:42 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x4000)

[ 1929.498200] FAULT_INJECTION: forcing a failure.
[ 1929.498200] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1929.499714] CPU: 0 PID: 9987 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1929.500544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1929.505547] Call Trace:
[ 1929.505882]  dump_stack+0x107/0x167
[ 1929.506327]  should_fail.cold+0x5/0xa
[ 1929.506796]  __alloc_pages_nodemask+0x182/0x600
[ 1929.507361]  ? __kmalloc_node+0x1ae/0x420
[ 1929.507865]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1929.508594]  ? mark_held_locks+0x9e/0xe0
[ 1929.509100]  ? trace_hardirqs_on+0x5b/0x180
[ 1929.509634]  alloc_pages_current+0x187/0x280
[ 1929.510171]  __vmalloc_node_range+0x60a/0x9e0
[ 1929.510723]  ? __vmalloc_node+0x110/0x110
[ 1929.511229]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1929.511843]  ? n_tty_open+0x16/0x170
[ 1929.512295]  __vmalloc_node+0xb5/0x110
[ 1929.512765]  ? n_tty_open+0x16/0x170
[ 1929.513240]  n_tty_open+0x16/0x170
[ 1929.513671]  ? n_tty_set_termios+0x1010/0x1010
[ 1929.514226]  tty_ldisc_open+0xa2/0x120
[ 1929.514699]  tty_ldisc_setup+0x43/0x100
[ 1929.515182]  tty_init_dev.part.0+0x1fa/0x610
[ 1929.515723]  ? pty_open+0x310/0x310
[ 1929.516163]  tty_init_dev+0x5b/0x80
[ 1929.516606]  ptmx_open+0x116/0x370
[ 1929.517051]  ? pty_open+0x310/0x310
[ 1929.517516]  chrdev_open+0x268/0x6e0
[ 1929.517967]  ? __unregister_chrdev+0x110/0x110
[ 1929.518524]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1929.519094]  do_dentry_open+0x4b7/0x1090
[ 1929.519587]  ? __unregister_chrdev+0x110/0x110
[ 1929.520139]  ? may_open+0x1e4/0x400
[ 1929.520582]  path_openat+0x19ba/0x2770
[ 1929.521075]  ? path_lookupat+0x860/0x860
[ 1929.521642]  ? lock_acquire+0x197/0x470
[ 1929.522127]  ? find_held_lock+0x2c/0x110
[ 1929.522630]  do_filp_open+0x190/0x3e0
[ 1929.523090]  ? may_open_dev+0xf0/0xf0
[ 1929.523563]  ? do_raw_spin_lock+0x121/0x260
[ 1929.524088]  ? rwlock_bug.part.0+0x90/0x90
[ 1929.524609]  ? _raw_spin_unlock+0x1a/0x30
[ 1929.525124]  ? alloc_fd+0x2e7/0x670
[ 1929.525576]  do_sys_openat2+0x171/0x4d0
[ 1929.526060]  ? build_open_flags+0x6f0/0x6f0
[ 1929.526586]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1929.527173]  ? wait_for_completion_io+0x270/0x270
[ 1929.527762]  __x64_sys_openat+0x13f/0x1f0
[ 1929.528266]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1929.528778]  ? ksys_write+0x1a9/0x260
[ 1929.529258]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1929.529892]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1929.530519]  do_syscall_64+0x33/0x40
[ 1929.530969]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1929.531591] RIP: 0033:0x7f7574521b19
[ 1929.532043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1929.534305] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1929.535231] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1929.536091] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1929.536952] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1929.537829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1929.538691] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
20:11:42 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r4 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r7}}, 0x0)
r8 = syz_io_uring_setup(0x3ca0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000001c0)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x3, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r11}}, 0x1)
syz_io_uring_setup(0x2b4b, &(0x7f0000000380)={0x0, 0x369b, 0x10, 0x0, 0x3cb}, &(0x7f00006bb000/0x2000)=nil, &(0x7f00007b0000/0x3000)=nil, &(0x7f0000000140)=<r12=>0x0, &(0x7f0000000240))
r13 = fsmount(0xffffffffffffffff, 0x0, 0x80)
r14 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r15=>0x0, &(0x7f0000000280)=<r16=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000340)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x2)
r17 = io_uring_register$IORING_REGISTER_PERSONALITY(r14, 0x9, 0x0, 0x0)
syz_io_uring_submit(r15, r16, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r17}}, 0x0)
syz_io_uring_submit(r12, r2, &(0x7f00000002c0)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x5, 0x0, r13, &(0x7f0000000300)={0x20000004}, r8, 0x3, 0x0, 0x1, {0x0, r17}}, 0x7ffffffe)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1929.543865] FAULT_INJECTION: forcing a failure.
[ 1929.543865] name failslab, interval 1, probability 0, space 0, times 0
[ 1929.549305] CPU: 0 PID: 9982 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1929.550135] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1929.551137] Call Trace:
[ 1929.551463]  dump_stack+0x107/0x167
[ 1929.551905]  should_fail.cold+0x5/0xa
[ 1929.552373]  ? __kernfs_new_node+0xd4/0x860
[ 1929.552898]  should_failslab+0x5/0x20
[ 1929.553379]  kmem_cache_alloc+0x5b/0x310
[ 1929.553881]  __kernfs_new_node+0xd4/0x860
[ 1929.554391]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1929.554976]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1929.555565]  ? wait_for_completion_io+0x270/0x270
[ 1929.556151]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1929.556797]  kernfs_new_node+0x18d/0x250
[ 1929.557307]  __kernfs_create_file+0x51/0x350
[ 1929.557843]  sysfs_add_file_mode_ns+0x221/0x560
[ 1929.558416]  internal_create_group+0x324/0xb30
[ 1929.558974]  ? sysfs_remove_group+0x170/0x170
[ 1929.559520]  ? kernfs_add_one+0x124/0x4d0
[ 1929.560026]  ? kernfs_create_link+0x1b7/0x230
[ 1929.560574]  internal_create_groups.part.0+0x90/0x140
[ 1929.561208]  sysfs_create_groups+0x25/0x50
[ 1929.561724]  device_add+0x7a9/0x1c50
[ 1929.562181]  ? lockdep_init_map_type+0x2c7/0x780
[ 1929.562762]  ? devlink_add_symlinks+0x970/0x970
[ 1929.563363]  netdev_register_kobject+0x17a/0x3b0
[ 1929.563968]  register_netdevice+0xd6e/0x1480
[ 1929.564533]  ? netdev_change_features+0xb0/0xb0
[ 1929.565130]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1929.565664]  __tun_chr_ioctl+0x2156/0x3f60
[ 1929.566181]  ? lock_downgrade+0x6d0/0x6d0
[ 1929.566686]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1929.567272]  ? tun_chr_poll+0x700/0x700
[ 1929.567756]  ? wait_for_completion_io+0x270/0x270
[ 1929.568352]  ? selinux_file_ioctl+0xb6/0x270
[ 1929.568895]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1929.569907]  __x64_sys_ioctl+0x19a/0x210
[ 1929.570887]  do_syscall_64+0x33/0x40
[ 1929.571780]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1929.573019] RIP: 0033:0x7f7955930b19
[ 1929.578133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1929.582942] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1929.584775] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1929.586785] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1929.588505] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1929.590449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1929.592169] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:11:42 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r5, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=<r6=>0x0, &(0x7f0000002a40)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x6, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x14}, &(0x7f00000001c0)='./file0\x00', 0x18}, 0x5)
clock_gettime(0x0, &(0x7f0000000100)={<r8=>0x0, <r9=>0x0})
pipe(&(0x7f00000001c0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="747261ef1aad70749093ce646e6f3d", @ANYRESHEX=r10, @ANYBLOB="2c7766646ef780", @ANYRESHEX=r11, @ANYBLOB=',msize=0x0000000000800003,\x00'])
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x4, 0x0, 0xffffffffffffffff, &(0x7f0000000400)={0x9}, r11}, 0x5)
r12 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r13=>0x0, &(0x7f0000000280)=<r14=>0x0)
r15 = io_uring_register$IORING_REGISTER_PERSONALITY(r12, 0x9, 0x0, 0x0)
syz_io_uring_submit(r13, r14, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r15}}, 0x0)
syz_io_uring_submit(r4, r7, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000140)={r8, r9+60000000}, 0x1, 0x1, 0x0, {0x0, r15}}, 0x6)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1929.606728] FAULT_INJECTION: forcing a failure.
[ 1929.606728] name failslab, interval 1, probability 0, space 0, times 0
[ 1929.608436] CPU: 1 PID: 9991 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1929.613406] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1929.614631] Call Trace:
[ 1929.615021]  dump_stack+0x107/0x167
[ 1929.615552]  should_fail.cold+0x5/0xa
[ 1929.616110]  ? create_object.isra.0+0x3a/0xa20
[ 1929.616781]  should_failslab+0x5/0x20
[ 1929.617334]  kmem_cache_alloc+0x5b/0x310
[ 1929.617933]  create_object.isra.0+0x3a/0xa20
[ 1929.618571]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1929.619317]  kmem_cache_alloc+0x159/0x310
[ 1929.619925]  __kernfs_new_node+0xd4/0x860
[ 1929.620535]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1929.625235]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1929.625947]  ? wait_for_completion_io+0x270/0x270
[ 1929.626652]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1929.627429]  kernfs_new_node+0x18d/0x250
[ 1929.628025]  __kernfs_create_file+0x51/0x350
[ 1929.628675]  sysfs_add_file_mode_ns+0x221/0x560
[ 1929.629319]  internal_create_group+0x324/0xb30
[ 1929.629885]  ? sysfs_remove_group+0x170/0x170
[ 1929.629927] ptm ptm0: ldisc open failed (-12), clearing slot 0
[ 1929.630427]  ? kernfs_add_one+0x124/0x4d0
[ 1929.630443]  ? kernfs_create_link+0x1b7/0x230
[ 1929.630458]  internal_create_groups.part.0+0x90/0x140
[ 1929.632810]  sysfs_create_groups+0x25/0x50
[ 1929.633364]  device_add+0x7a9/0x1c50
[ 1929.633910]  ? lockdep_init_map_type+0x2c7/0x780
[ 1929.634604]  ? devlink_add_symlinks+0x970/0x970
[ 1929.635288]  netdev_register_kobject+0x17a/0x3b0
[ 1929.635986]  register_netdevice+0xd6e/0x1480
[ 1929.636630]  ? netdev_change_features+0xb0/0xb0
[ 1929.637297]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1929.637935]  __tun_chr_ioctl+0x2156/0x3f60
[ 1929.638553]  ? lock_downgrade+0x6d0/0x6d0
[ 1929.639161]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1929.639862]  ? tun_chr_poll+0x700/0x700
[ 1929.640445]  ? wait_for_completion_io+0x270/0x270
[ 1929.641147]  ? selinux_file_ioctl+0xb6/0x270
[ 1929.641685]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1929.642244]  __x64_sys_ioctl+0x19a/0x210
[ 1929.642738]  do_syscall_64+0x33/0x40
[ 1929.643192]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1929.643813] RIP: 0033:0x7fc68ced6b19
[ 1929.644267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1929.646544] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1929.647468] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1929.648338] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1929.653229] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1929.654089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1929.654951] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:11:43 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x400000)

20:11:43 executing program 0:
unshare(0x28020600)
semget$private(0x0, 0x0, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4317, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x0, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000e, 0x10, 0xffffffffffffffff, 0x0)
unshare(0x880)
syz_io_uring_submit(r0, 0x0, 0x0, 0x0)
unshare(0x48020200)

[ 1949.720766] FAULT_INJECTION: forcing a failure.
[ 1949.720766] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1949.722331] CPU: 0 PID: 10020 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1949.722735] FAULT_INJECTION: forcing a failure.
[ 1949.722735] name failslab, interval 1, probability 0, space 0, times 0
[ 1949.723171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1949.723176] Call Trace:
[ 1949.723197]  dump_stack+0x107/0x167
[ 1949.723212]  should_fail.cold+0x5/0xa
[ 1949.726757]  __alloc_pages_nodemask+0x182/0x600
[ 1949.727325]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1949.728052]  ? mark_held_locks+0x9e/0xe0
[ 1949.728549]  ? trace_hardirqs_on+0x5b/0x180
[ 1949.729077]  alloc_pages_current+0x187/0x280
[ 1949.729616]  __vmalloc_node_range+0x60a/0x9e0
[ 1949.730176]  ? __vmalloc_node+0x110/0x110
[ 1949.730681]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1949.731291]  ? n_tty_open+0x16/0x170
[ 1949.731741]  __vmalloc_node+0xb5/0x110
[ 1949.732211]  ? n_tty_open+0x16/0x170
[ 1949.732664]  n_tty_open+0x16/0x170
[ 1949.733092]  ? n_tty_set_termios+0x1010/0x1010
[ 1949.733642]  tty_ldisc_open+0xa2/0x120
[ 1949.734138]  tty_ldisc_setup+0x43/0x100
[ 1949.734620]  tty_init_dev.part.0+0x1fa/0x610
[ 1949.735154]  ? pty_open+0x310/0x310
[ 1949.735594]  tty_init_dev+0x5b/0x80
[ 1949.736037]  ptmx_open+0x116/0x370
[ 1949.736474]  ? pty_open+0x310/0x310
[ 1949.736915]  chrdev_open+0x268/0x6e0
[ 1949.737367]  ? __unregister_chrdev+0x110/0x110
[ 1949.737944]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1949.738515]  do_dentry_open+0x4b7/0x1090
[ 1949.739008]  ? __unregister_chrdev+0x110/0x110
[ 1949.739560]  ? may_open+0x1e4/0x400
[ 1949.740003]  path_openat+0x19ba/0x2770
[ 1949.740483]  ? path_lookupat+0x860/0x860
[ 1949.740976]  ? lock_acquire+0x197/0x470
[ 1949.741457]  ? find_held_lock+0x2c/0x110
[ 1949.741988]  do_filp_open+0x190/0x3e0
[ 1949.742448]  ? may_open_dev+0xf0/0xf0
[ 1949.742919]  ? do_raw_spin_lock+0x121/0x260
[ 1949.743441]  ? rwlock_bug.part.0+0x90/0x90
[ 1949.743960]  ? _raw_spin_unlock+0x1a/0x30
[ 1949.744461]  ? alloc_fd+0x2e7/0x670
[ 1949.744910]  do_sys_openat2+0x171/0x4d0
[ 1949.745393]  ? build_open_flags+0x6f0/0x6f0
[ 1949.745931]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1949.746518]  ? wait_for_completion_io+0x270/0x270
[ 1949.747106]  __x64_sys_openat+0x13f/0x1f0
[ 1949.747608]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1949.748120]  ? ksys_write+0x1a9/0x260
[ 1949.748587]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1949.749221]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1949.749866]  do_syscall_64+0x33/0x40
[ 1949.750318]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1949.750963] RIP: 0033:0x7f7574521b19
[ 1949.751420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1949.753637] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1949.754575] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1949.755442] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1949.756304] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1949.757166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1949.758078] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1949.759012] CPU: 1 PID: 10027 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1949.759858] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1949.760864] Call Trace:
[ 1949.761191]  dump_stack+0x107/0x167
[ 1949.761644]  should_fail.cold+0x5/0xa
20:12:03 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 54)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:12:03 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x68)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:12:03 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 95)

20:12:03 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 28)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:12:03 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x800000)

20:12:03 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
getsockopt$IP_VS_SO_GET_VERSION(r5, 0x0, 0x480, &(0x7f0000000100), &(0x7f0000000140)=0x40)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:12:03 executing program 0:
r0 = semget(0x2, 0x1, 0x0)
semctl$SEM_INFO(r0, 0x0, 0x13, &(0x7f0000000200)=""/246)
ioctl$AUTOFS_IOC_SETTIMEOUT(0xffffffffffffffff, 0x80049367, &(0x7f0000000000)=0x3d20)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r1, &(0x7f0000000640)=[{{&(0x7f0000000040)={0xa, 0x4e22, 0x0, @loopback}, 0x1c, 0x0}}, {{&(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f00000004c0)=[@pktinfo={{0x24, 0x29, 0x32, {@private2}}}], 0x28}}], 0x2, 0x0)
r2 = signalfd4(0xffffffffffffffff, &(0x7f00000000c0)={[0x6]}, 0x8, 0x80800)
syz_io_uring_setup(0x3a9a, &(0x7f0000000100)={0x0, 0xa396, 0x20, 0x3, 0x165, 0x0, r2}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000180), &(0x7f00000001c0))

20:12:03 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

[ 1949.762130]  ? __kernfs_new_node+0xd4/0x860
[ 1949.770219]  should_failslab+0x5/0x20
[ 1949.770681]  kmem_cache_alloc+0x5b/0x310
[ 1949.771176]  __kernfs_new_node+0xd4/0x860
[ 1949.771680]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1949.772256]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1949.772839]  ? wait_for_completion_io+0x270/0x270
[ 1949.778135]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1949.778774]  kernfs_new_node+0x18d/0x250
[ 1949.779268]  __kernfs_create_file+0x51/0x350
[ 1949.779802]  sysfs_add_file_mode_ns+0x221/0x560
[ 1949.780375]  internal_create_group+0x324/0xb30
[ 1949.780931]  ? sysfs_remove_group+0x170/0x170
[ 1949.781472]  ? kernfs_add_one+0x124/0x4d0
[ 1949.781993]  ? kernfs_create_link+0x1b7/0x230
[ 1949.782538]  internal_create_groups.part.0+0x90/0x140
[ 1949.783162]  sysfs_create_groups+0x25/0x50
[ 1949.783675]  device_add+0x7a9/0x1c50
[ 1949.784129]  ? lockdep_init_map_type+0x2c7/0x780
[ 1949.784700]  ? devlink_add_symlinks+0x970/0x970
[ 1949.785271]  netdev_register_kobject+0x17a/0x3b0
[ 1949.785860]  register_netdevice+0xd6e/0x1480
[ 1949.786401]  ? netdev_change_features+0xb0/0xb0
[ 1949.786966]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1949.787496]  __tun_chr_ioctl+0x2156/0x3f60
[ 1949.788010]  ? lock_downgrade+0x6d0/0x6d0
[ 1949.788511]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1949.789094]  ? tun_chr_poll+0x700/0x700
[ 1949.789581]  ? wait_for_completion_io+0x270/0x270
[ 1949.790188]  ? selinux_file_ioctl+0xb6/0x270
[ 1949.790724]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1949.791268]  __x64_sys_ioctl+0x19a/0x210
[ 1949.791760]  do_syscall_64+0x33/0x40
[ 1949.792211]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1949.792834] RIP: 0033:0x7fc68ced6b19
[ 1949.793286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1949.795614] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1949.796533] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1949.797394] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1949.798274] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1949.799136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1949.799998] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1949.868263] ptm ptm0: ldisc open failed (-12), clearing slot 0
20:12:03 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x1000000)

[ 1949.902587] FAULT_INJECTION: forcing a failure.
[ 1949.902587] name failslab, interval 1, probability 0, space 0, times 0
[ 1949.904125] CPU: 1 PID: 10031 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1949.904966] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1949.905986] Call Trace:
[ 1949.906316]  dump_stack+0x107/0x167
[ 1949.906770]  should_fail.cold+0x5/0xa
[ 1949.907239]  ? create_object.isra.0+0x3a/0xa20
[ 1949.907797]  should_failslab+0x5/0x20
[ 1949.908263]  kmem_cache_alloc+0x5b/0x310
[ 1949.908763]  create_object.isra.0+0x3a/0xa20
[ 1949.909299]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1949.909937]  kmem_cache_alloc+0x159/0x310
[ 1949.910450]  __kernfs_new_node+0xd4/0x860
[ 1949.910960]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1949.911543]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1949.912133]  ? wait_for_completion_io+0x270/0x270
[ 1949.912722]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1949.913365]  kernfs_new_node+0x18d/0x250
[ 1949.913886]  __kernfs_create_file+0x51/0x350
[ 1949.914424]  sysfs_add_file_mode_ns+0x221/0x560
[ 1949.914996]  internal_create_group+0x324/0xb30
[ 1949.915556]  ? sysfs_remove_group+0x170/0x170
[ 1949.916101]  ? kernfs_add_one+0x124/0x4d0
[ 1949.916614]  ? kernfs_create_link+0x1b7/0x230
[ 1949.917162]  internal_create_groups.part.0+0x90/0x140
[ 1949.917804]  sysfs_create_groups+0x25/0x50
[ 1949.918326]  device_add+0x7a9/0x1c50
[ 1949.918790]  ? lockdep_init_map_type+0x2c7/0x780
[ 1949.919366]  ? devlink_add_symlinks+0x970/0x970
[ 1949.919946]  netdev_register_kobject+0x17a/0x3b0
[ 1949.920527]  register_netdevice+0xd6e/0x1480
[ 1949.921067]  ? netdev_change_features+0xb0/0xb0
[ 1949.921637]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1949.922180]  __tun_chr_ioctl+0x2156/0x3f60
[ 1949.922703]  ? lock_downgrade+0x6d0/0x6d0
[ 1949.923209]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1949.923795]  ? tun_chr_poll+0x700/0x700
[ 1949.924281]  ? wait_for_completion_io+0x270/0x270
[ 1949.924876]  ? selinux_file_ioctl+0xb6/0x270
[ 1949.925415]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1949.925982]  __x64_sys_ioctl+0x19a/0x210
[ 1949.926479]  do_syscall_64+0x33/0x40
[ 1949.926934]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1949.927556] RIP: 0033:0x7f7955930b19
[ 1949.928010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1949.930258] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1949.931184] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1949.932050] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1949.932916] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1949.933790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1949.934659] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:12:03 executing program 0:
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=<r0=>0x0, &(0x7f0000002a40)=<r1=>0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x6, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
syz_io_uring_submit(r0, r1, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x18}, 0x1)
r2 = syz_io_uring_complete(r0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
ftruncate(r3, 0x4)
lsetxattr$trusted_overlay_opaque(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), &(0x7f0000000400), 0x2, 0x3)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r3, 0x0)
syz_io_uring_setup(0x3fc6, &(0x7f0000000240)={0x0, 0xb55f, 0x2, 0x3, 0xa0, 0x0, r2}, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000002c0), &(0x7f0000000300)=<r5=>0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000340)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd_index=0x8, 0x1, 0x0, 0x1}, 0x9)
syz_io_uring_submit(r4, 0x0, 0x0, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0x0)

20:12:03 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="04000000000000002c7266646e6f3d", @ANYRESHEX=r3, @ANYBLOB="2c7766646e6f3d1af63c4c48fd9aacc744c4dd89b0ae1b1db4c06a023aaee2240d42cae1acee99e21abedffaca2fe19aefcf6a2a27160aea5ce22b59f19709dee997b4746c7eda1d4cb104d05aeabe1e1339ca8909bd70bb16ab2ea9ab390900d0263943a0810a98508a41750fed1e", @ANYRESHEX=r4, @ANYBLOB=',msize=0x0000000000800003,\x00'])
io_uring_enter(r4, 0x652a, 0xd370, 0x1, &(0x7f0000000340)={[0x7f]}, 0x8)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000400)={0x0, {0x2, 0x4e20, @empty}, {0x2, 0x4e22, @remote}, {0x2, 0x4e20, @local}, 0x65ee49675cf56ee5, 0x0, 0x0, 0x0, 0xff01, &(0x7f0000000300)='wlan1\x00', 0x9a, 0x3, 0x7fff})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r6, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r5, 0x0, 0x0}, 0x80000001)
getsockopt$sock_buf(r5, 0x1, 0x3b, &(0x7f0000000200)=""/94, &(0x7f0000000140)=0x5e)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)
r7 = signalfd(r5, &(0x7f0000000100)={[0x6]}, 0x8)
pipe(&(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
pipe(&(0x7f00000001c0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r11}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
dup2(r9, r11)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r7, 0xa, 0x0, 0x0)

20:12:03 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 55)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1950.108492] FAULT_INJECTION: forcing a failure.
[ 1950.108492] name failslab, interval 1, probability 0, space 0, times 0
[ 1950.110060] CPU: 0 PID: 10063 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1950.110905] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1950.111911] Call Trace:
[ 1950.112243]  dump_stack+0x107/0x167
[ 1950.112690]  should_fail.cold+0x5/0xa
[ 1950.113165]  ? create_object.isra.0+0x3a/0xa20
[ 1950.113724]  should_failslab+0x5/0x20
[ 1950.114205]  kmem_cache_alloc+0x5b/0x310
[ 1950.114704]  create_object.isra.0+0x3a/0xa20
[ 1950.115243]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1950.115863]  kmem_cache_alloc+0x159/0x310
[ 1950.116403]  __kernfs_new_node+0xd4/0x860
[ 1950.116913]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1950.117499]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1950.118100]  ? wait_for_completion_io+0x270/0x270
[ 1950.118692]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1950.119342]  kernfs_new_node+0x18d/0x250
[ 1950.119842]  __kernfs_create_file+0x51/0x350
[ 1950.120382]  sysfs_add_file_mode_ns+0x221/0x560
[ 1950.120954]  internal_create_group+0x324/0xb30
[ 1950.121516]  ? sysfs_remove_group+0x170/0x170
[ 1950.122074]  ? kernfs_add_one+0x124/0x4d0
[ 1950.122584]  ? kernfs_create_link+0x1b7/0x230
[ 1950.123133]  internal_create_groups.part.0+0x90/0x140
[ 1950.123764]  sysfs_create_groups+0x25/0x50
[ 1950.124283]  device_add+0x7a9/0x1c50
[ 1950.124743]  ? lockdep_init_map_type+0x2c7/0x780
[ 1950.125327]  ? devlink_add_symlinks+0x970/0x970
[ 1950.125914]  netdev_register_kobject+0x17a/0x3b0
[ 1950.126498]  register_netdevice+0xd6e/0x1480
[ 1950.127039]  ? netdev_change_features+0xb0/0xb0
[ 1950.127610]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1950.128144]  __tun_chr_ioctl+0x2156/0x3f60
[ 1950.128662]  ? lock_downgrade+0x6d0/0x6d0
[ 1950.129170]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1950.129765]  ? tun_chr_poll+0x700/0x700
[ 1950.130260]  ? wait_for_completion_io+0x270/0x270
[ 1950.130856]  ? selinux_file_ioctl+0xb6/0x270
[ 1950.131399]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1950.131951]  __x64_sys_ioctl+0x19a/0x210
[ 1950.132450]  do_syscall_64+0x33/0x40
[ 1950.132905]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1950.133531] RIP: 0033:0x7fc68ced6b19
[ 1950.133998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1950.136241] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1950.137169] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1950.138057] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1950.138928] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1950.139821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1950.140691] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:12:16 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="04000000000000002c7266646e6f3d", @ANYRESHEX=r3, @ANYBLOB="2c7766646e6f3d1af63c4c48fd9aacc744c4dd89b0ae1b1db4c06a023aaee2240d42cae1acee99e21abedffaca2fe19aefcf6a2a27160aea5ce22b59f19709dee997b4746c7eda1d4cb104d05aeabe1e1339ca8909bd70bb16ab2ea9ab390900d0263943a0810a98508a41750fed1e", @ANYRESHEX=r4, @ANYBLOB=',msize=0x0000000000800003,\x00'])
io_uring_enter(r4, 0x652a, 0xd370, 0x1, &(0x7f0000000340)={[0x7f]}, 0x8)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000400)={0x0, {0x2, 0x4e20, @empty}, {0x2, 0x4e22, @remote}, {0x2, 0x4e20, @local}, 0x65ee49675cf56ee5, 0x0, 0x0, 0x0, 0xff01, &(0x7f0000000300)='wlan1\x00', 0x9a, 0x3, 0x7fff})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r6, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r5, 0x0, 0x0}, 0x80000001)
getsockopt$sock_buf(r5, 0x1, 0x3b, &(0x7f0000000200)=""/94, &(0x7f0000000140)=0x5e)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)
r7 = signalfd(r5, &(0x7f0000000100)={[0x6]}, 0x8)
pipe(&(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
pipe(&(0x7f00000001c0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r11}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
dup2(r9, r11)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r7, 0xa, 0x0, 0x0)

20:12:16 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 56)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:12:16 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}, 0x0, 0x0, 0x0, 0x0, 0x4000000000000}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
r7 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r10}}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r5, 0x80, &(0x7f0000000100)=@xdp={0x2c, 0x11, 0x0, 0x17}, 0x0, 0x0, 0x0, {0x0, r10}}, 0xffff)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="74e86126d835125c01a7cc646e6f3d720000000000000005000000000000007860ee48c0852edd13fe9897a19d64d901007416c374c5c81c5a7c78eaa6cbd901256296392986eb29494bfd17cbfa99e060", @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB="2c6d73697a653d307930473034303030303030383030303433ca1d2773d24aa06cd62bf2ebbfa12c00"])
syz_io_uring_setup(0x67c4, &(0x7f0000000300)={0x0, 0xacaa, 0x2, 0x1, 0x4001e7, 0x0, r4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r11, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r12 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r12, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r11, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:12:16 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:12:16 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x20000000)

20:12:16 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 29)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:12:16 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 96)

20:12:16 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x6c)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1963.628340] FAULT_INJECTION: forcing a failure.
[ 1963.628340] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1963.629917] CPU: 1 PID: 10074 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1963.631489] FAULT_INJECTION: forcing a failure.
[ 1963.631489] name failslab, interval 1, probability 0, space 0, times 0
[ 1963.634779] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1963.634784] Call Trace:
[ 1963.634807]  dump_stack+0x107/0x167
[ 1963.634824]  should_fail.cold+0x5/0xa
[ 1963.634845]  __alloc_pages_nodemask+0x182/0x600
[ 1963.638982]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1963.639713]  ? mark_held_locks+0x9e/0xe0
[ 1963.640751]  ? trace_hardirqs_on+0x5b/0x180
[ 1963.641988]  alloc_pages_current+0x187/0x280
[ 1963.643262]  __vmalloc_node_range+0x60a/0x9e0
[ 1963.644545]  ? __vmalloc_node+0x110/0x110
[ 1963.645721]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1963.647298]  ? n_tty_open+0x16/0x170
[ 1963.648486]  __vmalloc_node+0xb5/0x110
[ 1963.649721]  ? n_tty_open+0x16/0x170
[ 1963.650924]  n_tty_open+0x16/0x170
[ 1963.652042]  ? n_tty_set_termios+0x1010/0x1010
[ 1963.653483]  tty_ldisc_open+0xa2/0x120
[ 1963.654727]  tty_ldisc_setup+0x43/0x100
[ 1963.655992]  tty_init_dev.part.0+0x1fa/0x610
[ 1963.657390]  ? pty_open+0x310/0x310
[ 1963.658585]  tty_init_dev+0x5b/0x80
[ 1963.659736]  ptmx_open+0x116/0x370
[ 1963.660855]  ? pty_open+0x310/0x310
[ 1963.662002]  chrdev_open+0x268/0x6e0
[ 1963.663184]  ? __unregister_chrdev+0x110/0x110
[ 1963.664638]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1963.666116]  do_dentry_open+0x4b7/0x1090
[ 1963.667403]  ? __unregister_chrdev+0x110/0x110
[ 1963.668851]  ? may_open+0x1e4/0x400
[ 1963.669998]  path_openat+0x19ba/0x2770
[ 1963.671256]  ? path_lookupat+0x860/0x860
[ 1963.672543]  ? lock_acquire+0x197/0x470
[ 1963.673796]  ? find_held_lock+0x2c/0x110
[ 1963.675099]  do_filp_open+0x190/0x3e0
[ 1963.676310]  ? may_open_dev+0xf0/0xf0
[ 1963.677528]  ? do_raw_spin_lock+0x121/0x260
[ 1963.678906]  ? rwlock_bug.part.0+0x90/0x90
[ 1963.680246]  ? _raw_spin_unlock+0x1a/0x30
[ 1963.681562]  ? alloc_fd+0x2e7/0x670
[ 1963.682745]  do_sys_openat2+0x171/0x4d0
[ 1963.684005]  ? build_open_flags+0x6f0/0x6f0
[ 1963.685363]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1963.686906]  ? wait_for_completion_io+0x270/0x270
[ 1963.688450]  __x64_sys_openat+0x13f/0x1f0
[ 1963.689764]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1963.691107]  ? ksys_write+0x1a9/0x260
[ 1963.692317]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1963.693974]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1963.695638]  do_syscall_64+0x33/0x40
[ 1963.696811]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1963.698468] RIP: 0033:0x7f7574521b19
[ 1963.699645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1963.705548] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1963.708006] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1963.710289] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1963.712567] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1963.714852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1963.717130] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1963.719454] CPU: 0 PID: 10081 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1963.720414] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1963.721554] Call Trace:
[ 1963.721922]  dump_stack+0x107/0x167
[ 1963.722437]  should_fail.cold+0x5/0xa
[ 1963.722963]  ? __kernfs_new_node+0xd4/0x860
[ 1963.723559]  should_failslab+0x5/0x20
[ 1963.724077]  kmem_cache_alloc+0x5b/0x310
[ 1963.724632]  __kernfs_new_node+0xd4/0x860
[ 1963.725196]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1963.725830]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1963.726481]  ? wait_for_completion_io+0x270/0x270
[ 1963.727126]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1963.734864]  kernfs_new_node+0x18d/0x250
[ 1963.735446]  __kernfs_create_file+0x51/0x350
[ 1963.736055]  sysfs_add_file_mode_ns+0x221/0x560
[ 1963.736694]  ? internal_create_group+0x204/0xb30
[ 1963.737343]  internal_create_group+0x324/0xb30
[ 1963.737971]  ? sysfs_remove_group+0x170/0x170
[ 1963.738596]  ? kernfs_add_one+0x124/0x4d0
[ 1963.739157]  ? kernfs_create_link+0x1b7/0x230
[ 1963.739769]  internal_create_groups.part.0+0x90/0x140
[ 1963.746566]  sysfs_create_groups+0x25/0x50
[ 1963.747162]  device_add+0x7a9/0x1c50
[ 1963.748234]  ? lockdep_init_map_type+0x2c7/0x780
[ 1963.748903]  ? devlink_add_symlinks+0x970/0x970
[ 1963.750261]  netdev_register_kobject+0x17a/0x3b0
[ 1963.750926]  register_netdevice+0xd6e/0x1480
[ 1963.752190]  ? netdev_change_features+0xb0/0xb0
[ 1963.752841]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1963.754090]  __tun_chr_ioctl+0x2156/0x3f60
[ 1963.754694]  ? lock_downgrade+0x6d0/0x6d0
[ 1963.755886]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1963.756560]  ? tun_chr_poll+0x700/0x700
[ 1963.757701]  ? wait_for_completion_io+0x270/0x270
[ 1963.758387]  ? selinux_file_ioctl+0xb6/0x270
[ 1963.759662]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1963.760296]  __x64_sys_ioctl+0x19a/0x210
[ 1963.761468]  do_syscall_64+0x33/0x40
[ 1963.761990]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1963.763484] RIP: 0033:0x7f7955930b19
[ 1963.764008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1963.769429] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1963.774519] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1963.775520] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1963.776510] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1963.777502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1963.778502] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1963.813544] FAULT_INJECTION: forcing a failure.
[ 1963.813544] name failslab, interval 1, probability 0, space 0, times 0
[ 1963.816923] CPU: 0 PID: 10068 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1963.818968] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1963.821416] Call Trace:
[ 1963.822188]  dump_stack+0x107/0x167
[ 1963.823272]  should_fail.cold+0x5/0xa
[ 1963.824390]  ? __kernfs_new_node+0xd4/0x860
[ 1963.825654]  should_failslab+0x5/0x20
[ 1963.826775]  kmem_cache_alloc+0x5b/0x310
[ 1963.827963]  __kernfs_new_node+0xd4/0x860
[ 1963.829176]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1963.830583]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1963.831993]  ? wait_for_completion_io+0x270/0x270
[ 1963.833400]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1963.834944]  kernfs_new_node+0x18d/0x250
[ 1963.836131]  __kernfs_create_file+0x51/0x350
[ 1963.837416]  sysfs_add_file_mode_ns+0x221/0x560
[ 1963.838784]  internal_create_group+0x324/0xb30
[ 1963.840124]  ? sysfs_remove_group+0x170/0x170
[ 1963.841432]  ? kernfs_add_one+0x124/0x4d0
[ 1963.842660]  ? kernfs_create_link+0x1b7/0x230
[ 1963.843971]  internal_create_groups.part.0+0x90/0x140
[ 1963.845479]  sysfs_create_groups+0x25/0x50
[ 1963.846726]  device_add+0x7a9/0x1c50
[ 1963.847814]  ? lockdep_init_map_type+0x2c7/0x780
[ 1963.849200]  ? devlink_add_symlinks+0x970/0x970
[ 1963.850578]  netdev_register_kobject+0x17a/0x3b0
[ 1963.851966]  register_netdevice+0xd6e/0x1480
[ 1963.853253]  ? netdev_change_features+0xb0/0xb0
[ 1963.854624]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1963.855892]  __tun_chr_ioctl+0x2156/0x3f60
[ 1963.857125]  ? lock_downgrade+0x6d0/0x6d0
[ 1963.858345]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1963.859756]  ? tun_chr_poll+0x700/0x700
[ 1963.860915]  ? wait_for_completion_io+0x270/0x270
[ 1963.862339]  ? selinux_file_ioctl+0xb6/0x270
[ 1963.863623]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1963.864932]  __x64_sys_ioctl+0x19a/0x210
[ 1963.866121]  do_syscall_64+0x33/0x40
[ 1963.867218]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1963.868723] RIP: 0033:0x7fc68ced6b19
[ 1963.869809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1963.875270] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1963.877501] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1963.879607] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1963.881706] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1963.883806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1963.885900] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1963.889245] ptm ptm0: ldisc open failed (-12), clearing slot 0
20:12:17 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x7ffffffff000)

20:12:17 executing program 0:
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00')
sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000fd5834a34da6a7f4fca9701359d0e981ead1bb03e767cec802f88e538c11579d9c45e888a06af98286a33362c3074a4a6e757c6de6a484812d135a98025a4e38a4f31f9e1e7e2ee9eb91b12ec079e4e8658f1bccc72c9c9724e0f1437e20b595239f1d7393e7ef02426e8e805ee2e18788ccabc0830b712547c9b138583567aaf843fb9972371f7dc51b627930be3d0891ddca2acbd0beff26cb9cadda02b997d1", @ANYRES16=0x0, @ANYBLOB="7b376296aabcabc7ce867f97db5fac6ff8bdbae7257abc38abdee7a7769209ce90bc02edba6636037defa1506a1c7e6c1486fe68eab7a3bc04a4efed294232574c3189b41a9456b0925abbcc41b5933f156067554d99ace6b8f497ace87a22256558f2f8eab7e9b046cec1873ac46b3bb9bc13a25e6a96a393671e0394377577e033d8e8eda87a5e8765b1db286eb17d5d527d4fb8c08ad258b57c975d2ccd612b866f05000000000000006fe3005d817170538211e2cd3499ae25c2ba050833dc8e04ab3bae1c91", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040), 0xc, 0x0}, 0x40000)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x882c2, 0x0)
fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000000))
fallocate(r1, 0x0, 0x0, 0x1000002)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
lseek(r2, 0x800, 0x0)
openat$cgroup_ro(r2, &(0x7f0000000180)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000600))
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000080)='system.posix_acl_default\x00', &(0x7f0000000680)={{}, {0x1, 0x4}, [{}], {0x4, 0x2}, [{}, {}, {0x8, 0x1}, {0x8, 0x1}], {0x10, 0x4}, {0x20, 0x4}}, 0x4c, 0x3)
sendfile(r2, r3, 0x0, 0x100000001)

20:12:17 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x74)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:12:17 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 57)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:12:17 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000140)='./file0/../file0\x00', 0x7ff, 0x3, &(0x7f0000000300)=[{&(0x7f0000000500)="030e6d1a17fa581f200571a37ff92a5755eddaf900c880fb567f3d737f263d4d280f8bcd0789e174d3c0938ca2acb7c928698dace7a80f51190989ab01b245cbb6484c4bce7a7213e326fcb5bc73eac349dce772d9afcc0d6efc442baeb2ce734ff4c6b7d21bd7a7e13a2aa9047adbe36ded293defe5252d2fe2357f12f81bff0518d3882f04a780016c80ae17992d847afc41e7fd1e1e041f33baf5f1f11b870f496138fdbd3089dcbd613e2bce435ed3d17f3d4d51cbf03fb12226f5f607de68ee16cb748c5656a9033ee555a41ffa662e26f2c8f9ab76056a52620d590e37bf590e6e2a975f8c31aa5beeaa1b7f998d84fb21cedf5231fb603ecb5b", 0xfd, 0x6}, {&(0x7f0000000600)="3fac95911076dacdb783c05db5a2891dabfa4d3940569eb73bb749c6f47d0103fbb5216120e5360199ded3c997bbb68984bb5545055ff00764c032c8fbc38fb78bba71b70968ec3df6c7743da4e12b264f71d7fe03b707efbb63b35a9ee00e5a2b0819e16ffb4a93bbe8fa934bbca7d6ffc7f4877d055e864245d63519ab2d2051ddf57cbbaab3e3d544817e6066b5adcff398e2028cb2a72ea7bbc5d85726438d355889ebc816852ae22321ada8c81a381a1799c3079022859b21425001408c4ab1855244a82f1f703abdafdddb4aad7dbb61bce9aa3ef99315bde71048c6d79826c7b3f7fea0a20b6b4fa791d7c3f4e852d4681b6f912b5eb81cae88748d48802b57cc8f998753e35650fd4a2ffbfcddf0ca70ab9dab8fbff83aa61c36e9bcfc205d4f81b6d2cb65e85b7e5406f645bd33bf6025839f39a29192436649fc9946ea1fd637a01e395cb6c6d52ee05ec9fb360f851eebdc152efec4784c12fb4321a890f703745b87e8e5ba094878d90f22ac046f60ac6fc9b9f93623a2d78aaf60e13cc74811920033fa0eff9ea75714c8612f0e864455b5961b0f37c7acb1842841067b09fe426e1b186a05a1c0c9fff25942c7862ff3c438f955721674609a350fc2f8d3edb1959c617f8e307a3f2f726fdeb4347a2742178b39c3c7b06379b1243c63286a585592c19937e45130c3f6b62ae7e6b2f4929327f25ef0f210c1b219dbb0267caebcf9a116f08008b2db9a4b1b967db2c07d4aea34b8ec60fb708934467374e9820033def3a0d54328b1b6a89662b9d318df2573201bd8637520dc1cc0f00b81724955222a1fc7616bcb79981c1b37756c79f8136cb610158e9e7690c81ffbf9b99499ef5c7a1bd630a73d6ee1d14ea12c973e32abaf86497cd5c4440d255597ad09a78dc2cdde59600e6ab52641273818f6c166c20ac22e5fe3cf3a18387772824b7c0b59b419f3d301f5ff3f0a3310eefdd2cf7309e5b01bf5080c3bb1c3d0c2afad338da02fbe4a5f6229973ffd3274f4db739698395d9b900d67ec995ee75dfd86980a9a297d5e326c49063ff0db1287fd4d86728e0b95bdf94e4015b0fd381f74b6489f07b80d48dcc9b29eb8b69f34581be467f2c094fc8c209d603eadd230b8079a1293360d782bebf0301db2e31615f0c603e89b1bc1d87d5b8d615a75244a741ab1f29c585e72b084db609cacd00172d0b39455aaebf6d065acb5bfc94fd04811b7e60b126c8e400174bca689788dd39679b104922dc79bbd6287206d917f9ab100b67c8f390884a433a8f4d04f9b3ad02817dbf3a6f98a8c5de2457175ad873bf1ea20f85b19debf37245488b04a4183a6c71536f4aa85f7427e8e98d7e38cd9bb82bfc03da10c7c9c5d32997ca8e3563078b96dab409ef1df519033a8eeea723540917264f23c7672ddb49df41896d0d246db01867373c5103e324a2ea067532833580a88173b15c645a4c27018c9295f13675342589ec2868c6a4c3b96d7a914e131ef076c6ad4d1da66f0e9bcf1cb62c3f6b0bf9d684e199a760876d7af28ab54185e11780265424055ec094b3cd30ba4035e0a774e61aa580f58a671186251bb463045361267e35e753c133a0501fd17e27c9ba1d4b4755d3fa7bc5680746bbcdab549d55efe7635a0009205a0b68a642b9d6b56c975b0b41a3e2671c559988a82a76d3f15a5c4d34ebf6a881a3e4b0678be6fece2fdbb31dde8219fa7bb9f7cf7bc74628b5646e3ab25d70a8f3c5f05fe948582ae32d1330b3b410a6bb13589d8c7d86067e018176a87f40eb1f434649f74419e0b75ede55f001aff724be9c519ddf686b37df8202c2f1cfd137038d94e4d139452edd89608546fa3a66a581d5ec7b56cefdec0b8015e27af2d70e3727cc2fc6e580433b938637782c78cf5df21291d08a4a73ff5adfd05c45e22b6b6ead6585fb818153f787561c094dcdbc4b14b3ad429ec1961f743b1c1557f54115043bc65d372a69131a6f41bd5179434255aa8869205d2274155bcad1d835c06d79b8dc730eb60d1abc44a072051a926bc890f1cdaa4d54c60eb3f984279eeed356d9e3da5c15b849c9e8fb299d2245719e54cafed56ba62ba5576f436206ca30f24840f20eede66513ca571bc8ff2dc95389d0927e2dbc6045ad67bda94c8117d7fc063edc4c25e89df347c4aa3de555cfa8e1f5e4299416d104b5b831812fffc0e877c7df5fc87b90412a9d7cff2f7998cee2010ee4b0b3084fd53fad6e2118b0907535ece2f50eba94d112162b075e4e0b539e4cbe2e8562c7c0d5299d2d0e1a89c91ceb4e5713fdb9d6c1786550ec172ed94757e5eb901e88d2be9f3f04217f3a3d996af7983ad33d9886b6a61860158af273aa54d0c811a62e6e637da8be4e4f810d5aba0492fb72d6bd6c8d87565e813902c732cb5bdb41087db2bf5ac84c7015e7d85fde4a5065c58fa9335341d7aa3b0a58820d0c1b0d994b396ea06d3b486216462b4fa0977acf669a1dc465959fae20e97247f67e342452846f31e7a018e667ed796f5042bcc9cd5731e4ab8eabfd508b297111df3674fba95aa5713cbe6701c1a74772a8fb0f217229509bc707013d3c4d9a7ad900ea1e536d5f18c1e0e9d52e2225646718f68043060bbd8636a6f3477e599d7e0b8ff0556c64fe9257fc0aed2b042e8702cee593c5fecaed72e500fc6d512a15cd9b1dd4f60a45bd4063f814e15660e718c349541114e09cd6092b756687ae2d5e206f84fddde49fec6082b6d5e8570f99d2a73db17fcb402ed9cb815a14d47347b8b8e8c7fc24cbd47cca942b2a42b1f74a464b6f0a7f7bf9c2a4a97e6f42856c8b2d84fa58678dadf77234b195176b6cbaeac48cb0f617b3b1826368af54fc625ca7ac6a7b3e2e6202bce6e68cf44b1eb6297d16cb0a78a1d680b5424f6e144c30f15c46054b756286497633634afada60121deedc33c607bd3c7d77c2ecda084e61284c5a42e41809102b22a2be45302ca31d7136a292928357f2da827b11ded69fccc41de3a99c65833f6d56f790c5c02a2e4ab234a7844de0248131e5233cbaf076b3c5bfb3554ac460c4e8e16b405b081d047fa304af4162ecd5945eb0bc4870b78529c581121be60e7a7532330e70469a8c4c1bffe37abd30d55b4b2ec07f0c445acf8a45193bb509e86e129e5a19212e39a40343951bd4a07fcb48db84a5d9854f8079b9b9832dac31b942802df341d39d6a6de2702191c70579b6cd99db1e587d3aff3598c11c4c77fb9ac7d32fb93523c0c9cf6774c9efb2426845539c78e8d7ef177a9e89bee0939cafd3d9dbea34bf97ece5b07cdecb734f7e4884259980be5c078c282df367bd186a67a97ed88efcb1efd28238f282632920f27982a1025f68e6bb790a70d1623ad527ebac3dd1b17f9c8f96fcf0acb07f262e15b16974d3bbfee30e861f877bf3dad0325e3d29c75f8cc6c4928701fb3fb1e2455ebe756c2d3193ee846f95124a0b77a73c8b76b332bffc280553546817e33db2fec5b30f8aee73ebee67e84503e25dedb602d23325ad0d3a1a28225b0283d02967fe27387f6143b79d30b5f6d0a261aeddf9fa9a302d5fb2d5089423dfd690b08d783fa1820a4a4302e877bf5c7940903108dfc8488b2e1f645266514c6ee2708c087121488c9e4c2208f519f4f45f8fa9d7d7e3476b013d43233d4fe6121c6ef750e48d17159add32a180608aaadaf37eea2631b463cb4daa816c070214dcb4411b32fa2ad051e53f2fd90f67643fa8a30fc7dd59e1889209cfb320c04f2168ed0873e6fce50f05d063341ffb7a008e27df48410771f6a04b03975a58cde31ea38679741a3394dfd4bda9b4b984e20ef87c3fbc0ebfd41746874a179d6bda4e46f95f8496dc4c61bb34c0bb5fa8a8fddd2d1065342262c1cc12e91a2a271f18ee2cb697f2d90247fe7aed0b3c7dc42b31750296db8400952a8a064a55815eaa1f858f145fb13f7ba8e373096612e500f728047bcd71edc50033cdd2fa8b49bf9c75639f528d9459c46e3ad463eac90ba1ba4225248c21ba10c278b052d088f5692f27686cf114846aff64e69266300fa0daee4efaf985bc7f09a6fa174844a611c7675130fa0c9c59e6f967a1d9f7fc6d763ef3c3ea37d6bf2ee22b67acb7dc118bd7a6e4d4700240ea534fc0a418fd4311b80bd3d2a57bd4abd6738e340e2627b89d945893aa24a3b2b0bfb4b06751e722732b63ecc5ddc25710c2d5ac0e74b00acb9892ca38de8817e974ecb557868c18bacf212673396257f54fe17dce5a5751f0cc642730f8e1538edcf4fa697d4607e40614c99d94df00762ccd2ec312d9a6e12fc86f6284f4bfac5055cd389b358648b1d45be944cefd4b8afc93d5d3d6ba278f5a316ddc2ce878c1b55878ffb27eb8894c5fc7be81e6c94d5844042109c8e2b1867843ceeac6c95952b47f56ff53c95795cca3f98d0f1344cd3316cd87d07c7049454c98a4e6b9037357e875aee19fafec5f0960fec04845d6845a7404eea77770522669dfa438e71fb72c51b3f97f1f01f601b3358e3a3961dd03104e27aedf116ebfd82d650c512e69377d004dea420823d144a60fb9c2c49174b86d1a2cadfbc5d2050dab5688371544a18477d8157a1b5c42ae4b38a9b41e1e348ef00fa7b4302c539ca667e0b9e20bf639afa3084e6ad78bfc78ade7aad8090d03bf8bfe39a999625288b52fb1af2dbb8f1962efefac76b90c4ec739bc200b7f94851aef9e10cd94899fa89b339591a300e71f6bb1bd0339ef1602a2f8d461571c6906ab624ea7c6297ee1f5bb1c6f45a60c6fbe45970d6e48f1111eeab16e9eec7e682908c5384cdd00187967a2341de58c5c39e2370a5ccc62c9a39ebd0784fb0280e22d70b8cddf2994bc209f9ffc3e4703cc03920c473c48549bb7a8bc8580db61dc10168a7ca29a64ccafa1ecb3fb3c76a9c8a72b3ed1c46f13a9631f494477af2b3c14c02b3baf775b9cbc9dd22e9c0de098339c8123efc6be24fee1662d5c1ecce9ea2dad3cf19b095ddd0b6156370bd38a59ac00ff7319f624c80833aec7440b9be88f7b3ead3862a81239e03f76eaefeb0f876bb9735b9acbb023ddc65aa1f5aa187b0ed0f5b3b3ff03a697984f443c06015a3ffc7edf8a18f1fff904f1b38392e2a5e48d7de2f79d5251b75f007f2b750fe376c6afabaf248e3f48fc873c282db82c021df54166ec134c942525203c84f21a074a189b051d3d861ac81d0bb67b5003374545248f0c07bcc9f3b39bcd31f52f4aa49876ecf034c099c521088a444750f70df591b75036ffabe94a22f7a8c410177bc5ef31ffc66f649467accfef153fc0259ad7d27b81e8ce3ad4179b8a3575beeb73f54defe73092c0c6138e42ce9d6c255cc6e6755150956f9c7b20c2fbad532b673afce660fd499905062d323a31d9760bd4486f5c45187199094c3f6d3d358ae8700cf41cca96fa5c24e6a5bd0485171ffb82a01051a8559e601c10f65b295a199f77c21d48359797e7087c3254f6d6546f997c14e82998a7f9f1ee7a6ea26d2b659ddf966f5566dafeb8d50e7235ff8bcf6d5e4239ce625f771bc4a4612840d52f0d96e792d1293004be5d42869396f2a3ce9abee08701e788bd737e89f24d47e81d536d5ec9330a6f0e1be9bb58c9969e32096f8a66a624df4e2141a5a9e82f148c78bed5ec2a41733bccd100ed17844f46e433e454e0e0a19ef6e9620c22ef3e669f8306e3d0bbc6350c42f354e8802025ed7fe37ee9c49227204f05c9b489e88e8f31e6d170c1788b474d685ff", 0x1000, 0x1}, {&(0x7f0000000200)="8760faeded46d79139dd52f7dbb7ea5898020b43550ff8868e4f2440cb981fef933083cbd1a323e3864ddde208191868f04646b59f64ea3881ae512fd54cd8e9e6c936b716228435469e05a84517", 0x4e, 0x8}], 0x100205c, &(0x7f0000001700)=ANY=[@ANYBLOB="6e6f6e65887461696c3d302c0014d7f2b207d7c0acfa7727302668cbcc08aa7e5840601f213bbf727f6356cf4e3fca8b57b2ba029630770304f856fb514bdd9a225d40e0f5071fe1ac21540e709393a82287535b2b048b876fdd25d0cf811ab0c7f2995f09fb3e2fb015a8df82dd6d85af5a2896c746a5ebc71fca71cef0a20b751476e4a6e4c4d0a977c89083a3b8da7ed6f7d206aae19a89fe250f68e714613cf563148b58eedc02b93b9114f5754e415ecd233a10e27b95022cf8de4142d9eae75a79b0f943cd06d97bc4e7ad6be73ecda4023f3fa24bfb"])
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x2000, @fd=r5, 0x1, 0x0, 0x0, 0x5, 0x0, {0x2}}, 0x80000001)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=<r7=>0x0, &(0x7f0000002a40)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x6, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x18}, 0x1)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=<r9=>0x0, &(0x7f0000002a40)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x6, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
syz_io_uring_submit(r9, r10, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x18}, 0x1)
syz_io_uring_submit(r7, r10, &(0x7f0000000400)=@IORING_OP_ASYNC_CANCEL={0xe, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x1)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:12:17 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x40000000000000)

[ 1964.044897] FAULT_INJECTION: forcing a failure.
[ 1964.044897] name failslab, interval 1, probability 0, space 0, times 0
[ 1964.048104] CPU: 0 PID: 10105 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1964.049776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1964.052147] Call Trace:
[ 1964.052764]  dump_stack+0x107/0x167
[ 1964.053612]  should_fail.cold+0x5/0xa
[ 1964.054598]  ? create_object.isra.0+0x3a/0xa20
[ 1964.055698]  should_failslab+0x5/0x20
[ 1964.056609]  kmem_cache_alloc+0x5b/0x310
[ 1964.057583]  create_object.isra.0+0x3a/0xa20
[ 1964.058728]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1964.059920]  kmem_cache_alloc+0x159/0x310
[ 1964.060898]  __kernfs_new_node+0xd4/0x860
[ 1964.061868]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1964.063146]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1964.064303]  ? wait_for_completion_io+0x270/0x270
[ 1964.065462]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1964.066836]  kernfs_new_node+0x18d/0x250
[ 1964.067794]  __kernfs_create_file+0x51/0x350
[ 1964.068824]  sysfs_add_file_mode_ns+0x221/0x560
[ 1964.069915]  internal_create_group+0x324/0xb30
[ 1964.071168]  ? sysfs_remove_group+0x170/0x170
[ 1964.072242]  ? kernfs_add_one+0x124/0x4d0
[ 1964.073237]  ? kernfs_create_link+0x1b7/0x230
[ 1964.074344]  internal_create_groups.part.0+0x90/0x140
[ 1964.075555]  sysfs_create_groups+0x25/0x50
[ 1964.076548]  device_add+0x7a9/0x1c50
[ 1964.077423]  ? lockdep_init_map_type+0x2c7/0x780
[ 1964.078424]  ? devlink_add_symlinks+0x970/0x970
[ 1964.079000]  netdev_register_kobject+0x17a/0x3b0
[ 1964.079581]  register_netdevice+0xd6e/0x1480
[ 1964.080121]  ? netdev_change_features+0xb0/0xb0
[ 1964.080692]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1964.081225]  __tun_chr_ioctl+0x2156/0x3f60
[ 1964.081743]  ? lock_downgrade+0x6d0/0x6d0
[ 1964.082258]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1964.083633]  ? tun_chr_poll+0x700/0x700
[ 1964.084560]  ? wait_for_completion_io+0x270/0x270
[ 1964.085695]  ? selinux_file_ioctl+0xb6/0x270
[ 1964.086851]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1964.087925]  __x64_sys_ioctl+0x19a/0x210
[ 1964.088896]  do_syscall_64+0x33/0x40
[ 1964.089790]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1964.091186] RIP: 0033:0x7fc68ced6b19
[ 1964.092056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1964.096892] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1964.098828] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1964.100503] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1964.102177] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1964.104206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1964.105924] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:12:17 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x7a)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:12:17 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:12:31 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x80000000000000)

20:12:31 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 58)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:12:31 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x74)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:12:31 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0xff, 0x0, 0x4, 0x4, 0x0, 0xfffffffffffffeff, 0x40030, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x20, 0x0, @perf_config_ext={0x6}, 0x400, 0x0, 0x20, 0x0, 0x9, 0x8, 0xfff7, 0x0, 0x7, 0x0, 0x200}, 0xffffffffffffffff, 0x0, r0, 0x10)
r1 = syz_io_uring_setup(0x3eb1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
ioctl$EXT4_IOC_GROUP_EXTEND(r4, 0x40086607, &(0x7f0000000140)=0x5)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
perf_event_open(&(0x7f0000000300)={0x5, 0x80, 0x2, 0x8, 0x9, 0x0, 0x0, 0x1, 0x0, 0xf, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={&(0x7f0000000240), 0x4}, 0x10200, 0x65461fcc, 0x9, 0x6, 0x80000001, 0x6798743d, 0x81, 0x0, 0x2, 0x0, 0x9c29}, 0x0, 0x10, 0xffffffffffffffff, 0x8)
syz_io_uring_submit(r7, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r6, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

20:12:31 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:12:31 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 97)

20:12:31 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 30)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:12:31 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x300)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1977.848685] FAULT_INJECTION: forcing a failure.
[ 1977.848685] name failslab, interval 1, probability 0, space 0, times 0
[ 1977.850752] FAULT_INJECTION: forcing a failure.
[ 1977.850752] name failslab, interval 1, probability 0, space 0, times 0
[ 1977.852872] CPU: 1 PID: 10140 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1977.852880] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1977.852885] Call Trace:
[ 1977.852910]  dump_stack+0x107/0x167
[ 1977.852925]  should_fail.cold+0x5/0xa
[ 1977.852941]  ? create_object.isra.0+0x3a/0xa20
[ 1977.852957]  should_failslab+0x5/0x20
[ 1977.852970]  kmem_cache_alloc+0x5b/0x310
[ 1977.852986]  create_object.isra.0+0x3a/0xa20
[ 1977.853004]  kmemleak_vmalloc+0x49/0x120
[ 1977.853021]  __vmalloc_node_range+0x574/0x9e0
[ 1977.853041]  ? __vmalloc_node+0x110/0x110
[ 1977.853055]  ? __ldsem_down_read_nested+0x7e0/0x7e0
[ 1977.853073]  ? n_tty_open+0x16/0x170
[ 1977.853084]  __vmalloc_node+0xb5/0x110
[ 1977.853095]  ? n_tty_open+0x16/0x170
[ 1977.853109]  n_tty_open+0x16/0x170
[ 1977.853120]  ? n_tty_set_termios+0x1010/0x1010
[ 1977.853131]  tty_ldisc_open+0xa2/0x120
[ 1977.853144]  tty_ldisc_setup+0x43/0x100
[ 1977.853156]  tty_init_dev.part.0+0x1fa/0x610
[ 1977.853171]  ? pty_open+0x310/0x310
[ 1977.853180]  tty_init_dev+0x5b/0x80
[ 1977.853194]  ptmx_open+0x116/0x370
[ 1977.853207]  ? pty_open+0x310/0x310
[ 1977.853218]  chrdev_open+0x268/0x6e0
[ 1977.853231]  ? __unregister_chrdev+0x110/0x110
[ 1977.853246]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1977.853265]  do_dentry_open+0x4b7/0x1090
[ 1977.853278]  ? __unregister_chrdev+0x110/0x110
[ 1977.853289]  ? may_open+0x1e4/0x400
[ 1977.853302]  path_openat+0x19ba/0x2770
[ 1977.853322]  ? path_lookupat+0x860/0x860
[ 1977.853338]  ? lock_acquire+0x197/0x470
[ 1977.853349]  ? find_held_lock+0x2c/0x110
[ 1977.853370]  do_filp_open+0x190/0x3e0
[ 1977.853380]  ? may_open_dev+0xf0/0xf0
[ 1977.853402]  ? do_raw_spin_lock+0x121/0x260
[ 1977.853415]  ? rwlock_bug.part.0+0x90/0x90
[ 1977.853434]  ? _raw_spin_unlock+0x1a/0x30
[ 1977.853445]  ? alloc_fd+0x2e7/0x670
[ 1977.853466]  do_sys_openat2+0x171/0x4d0
[ 1977.853480]  ? build_open_flags+0x6f0/0x6f0
[ 1977.853492]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1977.853507]  ? wait_for_completion_io+0x270/0x270
[ 1977.853526]  __x64_sys_openat+0x13f/0x1f0
[ 1977.853537]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1977.853548]  ? ksys_write+0x1a9/0x260
[ 1977.853565]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1977.853578]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1977.853592]  do_syscall_64+0x33/0x40
[ 1977.853603]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1977.853612] RIP: 0033:0x7f7574521b19
[ 1977.853625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1977.853631] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1977.853646] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1977.853653] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1977.853661] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1977.853668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1977.853676] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1977.896040] CPU: 0 PID: 10143 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1977.896873] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1977.897893] Call Trace:
[ 1977.898218]  dump_stack+0x107/0x167
[ 1977.898659]  should_fail.cold+0x5/0xa
[ 1977.899193]  ? create_object.isra.0+0x3a/0xa20
[ 1977.899803]  should_failslab+0x5/0x20
[ 1977.900310]  kmem_cache_alloc+0x5b/0x310
[ 1977.900859]  create_object.isra.0+0x3a/0xa20
[ 1977.901443]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1977.902126]  kmem_cache_alloc+0x159/0x310
[ 1977.902691]  __kernfs_new_node+0xd4/0x860
[ 1977.903266]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1977.903896]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1977.904615]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1977.905261]  ? wait_for_completion_io+0x270/0x270
[ 1977.905903]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1977.906602]  kernfs_new_node+0x18d/0x250
[ 1977.907180]  __kernfs_create_file+0x51/0x350
[ 1977.907790]  sysfs_add_file_mode_ns+0x221/0x560
[ 1977.908389]  internal_create_group+0x324/0xb30
[ 1977.908990]  ? sysfs_remove_group+0x170/0x170
[ 1977.909564]  ? kernfs_add_one+0x124/0x4d0
[ 1977.910098]  ? kernfs_create_link+0x1b7/0x230
[ 1977.910690]  internal_create_groups.part.0+0x90/0x140
[ 1977.915407]  sysfs_create_groups+0x25/0x50
[ 1977.915967]  device_add+0x7a9/0x1c50
[ 1977.916459]  ? lockdep_init_map_type+0x2c7/0x780
[ 1977.917073]  ? devlink_add_symlinks+0x970/0x970
[ 1977.917772]  netdev_register_kobject+0x17a/0x3b0
[ 1977.918535]  register_netdevice+0xd6e/0x1480
[ 1977.919265]  ? netdev_change_features+0xb0/0xb0
[ 1977.919997]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1977.920669]  __tun_chr_ioctl+0x2156/0x3f60
[ 1977.921324]  ? lock_downgrade+0x6d0/0x6d0
[ 1977.921923]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1977.922570]  ? tun_chr_poll+0x700/0x700
[ 1977.923134]  ? wait_for_completion_io+0x270/0x270
[ 1977.923773]  ? selinux_file_ioctl+0xb6/0x270
[ 1977.924375]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1977.924964]  __x64_sys_ioctl+0x19a/0x210
[ 1977.925498]  do_syscall_64+0x33/0x40
[ 1977.925987]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1977.926653] RIP: 0033:0x7f7955930b19
[ 1977.927176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1977.929571] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1977.930556] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1977.931500] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1977.932457] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1977.933388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1977.934314] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:12:31 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0xf0ffffff7f0000)

[ 1977.990817] FAULT_INJECTION: forcing a failure.
[ 1977.990817] name failslab, interval 1, probability 0, space 0, times 0
20:12:31 executing program 1:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = fork()
r2 = gettid()
r3 = fcntl$getown(r0, 0x9)
r4 = perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x8, 0x9, 0x1, 0x3f, 0x0, 0x3, 0x10000, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x1, @perf_config_ext={0xffffffffffffffc0, 0x80000001}, 0x2, 0x7f, 0x5, 0x9, 0x2, 0x4, 0x6, 0x0, 0x3103, 0x0, 0xfffffffffffffffd}, r3, 0x0, r0, 0x8)
kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0xf0, 0x5, 0x2, 0x0, 0x2, 0x88010, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x7, 0x2, @perf_config_ext={0x7, 0x4}, 0x242, 0x1f, 0x80000001, 0x4, 0x8, 0x8000, 0xf34, 0x0, 0x2f, 0x0, 0x742e}, r2, 0x9, 0xffffffffffffffff, 0x1)
r5 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r8, 0x0, 0x0}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r9=>r4, {0x400}}, './file0\x00'})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x300000a, 0x1010, r9, 0x0)
r10 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r5, 0x8000000)
syz_io_uring_submit(r10, r7, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x2, 0x0, @fd=r8, 0x0, 0x0}, 0x80000001)
io_uring_enter(r5, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1978.015659] CPU: 1 PID: 10138 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1978.055075] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1978.056077] Call Trace:
[ 1978.056407]  dump_stack+0x107/0x167
[ 1978.056850]  should_fail.cold+0x5/0xa
[ 1978.057319]  ? __kernfs_new_node+0xd4/0x860
[ 1978.057845]  should_failslab+0x5/0x20
[ 1978.058309]  kmem_cache_alloc+0x5b/0x310
[ 1978.058844]  __kernfs_new_node+0xd4/0x860
[ 1978.059351]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1978.059932]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1978.060519]  ? wait_for_completion_io+0x270/0x270
[ 1978.061105]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1978.061744]  kernfs_new_node+0x18d/0x250
[ 1978.062238]  __kernfs_create_file+0x51/0x350
[ 1978.062802]  sysfs_add_file_mode_ns+0x221/0x560
[ 1978.063377]  internal_create_group+0x324/0xb30
[ 1978.063955]  ? sysfs_remove_group+0x170/0x170
[ 1978.064497]  ? kernfs_add_one+0x124/0x4d0
[ 1978.065003]  ? kernfs_create_link+0x1b7/0x230
[ 1978.065548]  internal_create_groups.part.0+0x90/0x140
[ 1978.066173]  sysfs_create_groups+0x25/0x50
[ 1978.066688]  device_add+0x7a9/0x1c50
[ 1978.067180]  ? lockdep_init_map_type+0x2c7/0x780
[ 1978.067754]  ? devlink_add_symlinks+0x970/0x970
[ 1978.068326]  netdev_register_kobject+0x17a/0x3b0
[ 1978.068904]  register_netdevice+0xd6e/0x1480
[ 1978.069440]  ? netdev_change_features+0xb0/0xb0
[ 1978.070006]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1978.070537]  __tun_chr_ioctl+0x2156/0x3f60
[ 1978.071082]  ? lock_downgrade+0x6d0/0x6d0
[ 1978.071587]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1978.072171]  ? tun_chr_poll+0x700/0x700
[ 1978.072654]  ? wait_for_completion_io+0x270/0x270
[ 1978.073246]  ? selinux_file_ioctl+0xb6/0x270
[ 1978.073781]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1978.074347]  __x64_sys_ioctl+0x19a/0x210
[ 1978.074873]  do_syscall_64+0x33/0x40
[ 1978.075326]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1978.075948] RIP: 0033:0x7fc68ced6b19
[ 1978.076401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1978.078624] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1978.079578] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1978.080439] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1978.081299] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1978.082158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1978.083052] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:12:31 executing program 0:
keyctl$chown(0x4, 0x0, 0xee01, 0xee00)
r0 = add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000240)='dns_resolver\x00', &(0x7f0000000340)={'syz', 0x0}, &(0x7f0000000580)="26b21f437c9e302dc4ef95e27198c2a8dda85e428398134caa3f8c263e9addb300f9191058e2fbf9b7b3a6adaf031ee535705c0126a9115c7a3d8733e16e5385ab9318d5aec01ed00ddc7a9e832500638fd58f1fc929bebdd301ef29bc63be5fdaa4a48e397c53d9", 0x68, 0x0)
r1 = add_key$fscrypt_v1(&(0x7f0000000200), &(0x7f0000000500)={'fscrypt:', @desc4}, &(0x7f0000000680)={0x0, "51bab78fbede0eb5fae9c09d1193a258a2e3125ffdcd424c2f8cf56e277a15201fa83a9d96dbd58e991ffb9e07a1638e07a037807e7786eb446cd80e9a5867be", 0x3d}, 0x48, r0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000700)='id_legacy\x00', &(0x7f0000000740)=@keyring={'key_or_keyring:', r0})
r2 = add_key(&(0x7f0000000280)='blacklist\x00', &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, r0)
r3 = add_key$fscrypt_v1(&(0x7f0000000300), &(0x7f0000000380)={'fscrypt:', @desc2}, &(0x7f0000000480)={0x0, "e776948c30407f746b4bce4fe1dfd22cfc491372bfef696cb8114417300486c7dc67510f255163554a8b1c56f99015cff18dde6bfd24cab6fc6fe129421a032a", 0x10032}, 0x48, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, 0x0, &(0x7f0000000400)=@chain={'key_or_keyring:', r3})
add_key$keyring(0x0, &(0x7f0000000800)={'syz', 0x3}, 0x0, 0x0, 0x0)
r4 = add_key$keyring(&(0x7f0000000100), &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0x0, r1)
request_key(&(0x7f0000000440)='big_key\x00', &(0x7f0000000600)={'syz', 0x0}, &(0x7f00000007c0)='fscrypt:', r4)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='wchan\x00')
preadv(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000840)=""/106, 0x6a}], 0x1, 0x0, 0x0)
add_key$fscrypt_provisioning(&(0x7f0000000640), &(0x7f0000000780)={'syz', 0x0}, &(0x7f00000008c0)=ANY=[@ANYBLOB="020000e1ffffff00616263646566ecd703155c4dc39075767778797a30318a333435366e451f07ac1048360e16eaee98cc7f165bc621d47bac2caee60126c3796895b0b30d18e95f9118b9027f5ce70eddffce1f752134202f114673fc5527a2777b2dea252daa9700cfcd7d89a78e3cfe48d1504ce6d57ed859bbe56425a88315d4ddefd56c0887ee177fe95629c764b955b263e02174f689dca94fd1420c05683a010f9e04ec7cc3d4427c773958c4838b810580e90cbbe91dbe3b33e1a84ea500e6a0a44e56613f6fea500f8bf95b01b1ebf1f3cb450b05dd1af6b658678b8d9802086993b6f38a9288eac769f8992a034314d2ac58f853a32ce49eb6f5c26fce300c945094e388b4ea0111a82ecd86e0a222e38fa398b6a00305e85efa8a2ce2cbf7314cf4bf"], 0x29, 0xfffffffffffffff9)
r5 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, r5)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000540)}, 0x3040, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000000ac0)={0x17412e500, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

20:12:31 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 31)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:12:31 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x480)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:12:31 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 98)

20:12:31 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 59)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 1978.269237] FAULT_INJECTION: forcing a failure.
[ 1978.269237] name failslab, interval 1, probability 0, space 0, times 0
[ 1978.270993] CPU: 0 PID: 10172 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1978.271885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1978.272955] Call Trace:
[ 1978.273311]  dump_stack+0x107/0x167
[ 1978.273790]  should_fail.cold+0x5/0xa
[ 1978.274294]  ? __get_vm_area_node+0xd4/0x340
[ 1978.274890]  should_failslab+0x5/0x20
[ 1978.275395]  kmem_cache_alloc_node_trace+0x59/0x340
[ 1978.276060]  __get_vm_area_node+0xd4/0x340
[ 1978.276627]  __vmalloc_node_range+0x13f/0x9e0
[ 1978.277213]  ? n_tty_open+0x16/0x170
[ 1978.277701]  ? n_tty_open+0x16/0x170
[ 1978.278194]  ? __vmalloc_node+0x110/0x110
[ 1978.278756]  ? up_write+0x191/0x550
[ 1978.279238]  ? down_write_killable+0x180/0x180
[ 1978.279834]  ? n_tty_open+0x16/0x170
[ 1978.280329]  __vmalloc_node+0xb5/0x110
[ 1978.280837]  ? n_tty_open+0x16/0x170
[ 1978.281337]  n_tty_open+0x16/0x170
[ 1978.281802]  ? n_tty_set_termios+0x1010/0x1010
[ 1978.282394]  tty_ldisc_open+0xa2/0x120
[ 1978.282926]  tty_ldisc_setup+0x90/0x100
[ 1978.283449]  tty_init_dev.part.0+0x1fa/0x610
[ 1978.284025]  ? pty_open+0x310/0x310
[ 1978.284506]  tty_init_dev+0x5b/0x80
[ 1978.284986]  ptmx_open+0x116/0x370
[ 1978.285457]  ? pty_open+0x310/0x310
[ 1978.285938]  chrdev_open+0x268/0x6e0
[ 1978.286431]  ? __unregister_chrdev+0x110/0x110
[ 1978.287051]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1978.287676]  do_dentry_open+0x4b7/0x1090
[ 1978.288210]  ? __unregister_chrdev+0x110/0x110
[ 1978.288816]  ? may_open+0x1e4/0x400
[ 1978.289296]  path_openat+0x19ba/0x2770
[ 1978.289817]  ? path_lookupat+0x860/0x860
[ 1978.290350]  ? lock_acquire+0x197/0x470
[ 1978.290886]  ? find_held_lock+0x2c/0x110
[ 1978.291435]  do_filp_open+0x190/0x3e0
[ 1978.291938]  ? may_open_dev+0xf0/0xf0
[ 1978.292452]  ? do_raw_spin_lock+0x121/0x260
[ 1978.293022]  ? rwlock_bug.part.0+0x90/0x90
[ 1978.293540] FAULT_INJECTION: forcing a failure.
[ 1978.293540] name failslab, interval 1, probability 0, space 0, times 0
[ 1978.293583]  ? _raw_spin_unlock+0x1a/0x30
[ 1978.295440]  ? alloc_fd+0x2e7/0x670
[ 1978.295897]  do_sys_openat2+0x171/0x4d0
[ 1978.296394]  ? build_open_flags+0x6f0/0x6f0
[ 1978.296920]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1978.297520]  ? wait_for_completion_io+0x270/0x270
[ 1978.298126]  __x64_sys_openat+0x13f/0x1f0
[ 1978.298633]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1978.299170]  ? ksys_write+0x1a9/0x260
[ 1978.299645]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1978.300293]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1978.300925]  do_syscall_64+0x33/0x40
[ 1978.301391]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1978.302022] RIP: 0033:0x7f7574521b19
[ 1978.302483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1978.304739] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1978.305675] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1978.306552] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1978.307444] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1978.308320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1978.309196] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1978.310093] CPU: 1 PID: 10175 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1978.310157] syz-executor.7: vmalloc: allocation failure: 9120 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[ 1978.310954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1978.310959] Call Trace:
[ 1978.310975]  dump_stack+0x107/0x167
[ 1978.310990]  should_fail.cold+0x5/0xa
[ 1978.312337] ,cpuset=
[ 1978.313268]  ? __kernfs_new_node+0xd4/0x860
[ 1978.313284]  should_failslab+0x5/0x20
[ 1978.313302]  kmem_cache_alloc+0x5b/0x310
[ 1978.313661] syz7
[ 1978.314057]  __kernfs_new_node+0xd4/0x860
[ 1978.314525] ,mems_allowed=0
[ 1978.314818]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1978.315343] 
[ 1978.315786]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1978.315805]  ? wait_for_completion_io+0x270/0x270
[ 1978.319302]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1978.319949]  kernfs_new_node+0x18d/0x250
[ 1978.320455]  __kernfs_create_file+0x51/0x350
[ 1978.321000]  sysfs_add_file_mode_ns+0x221/0x560
[ 1978.321576]  internal_create_group+0x324/0xb30
[ 1978.322143]  ? sysfs_remove_group+0x170/0x170
[ 1978.322688]  ? kernfs_add_one+0x124/0x4d0
[ 1978.323226]  ? kernfs_create_link+0x1b7/0x230
[ 1978.323776]  internal_create_groups.part.0+0x90/0x140
[ 1978.324432]  sysfs_create_groups+0x25/0x50
[ 1978.324953]  device_add+0x7a9/0x1c50
[ 1978.325417]  ? lockdep_init_map_type+0x2c7/0x780
[ 1978.326001]  ? devlink_add_symlinks+0x970/0x970
[ 1978.326580]  netdev_register_kobject+0x17a/0x3b0
[ 1978.327186]  register_netdevice+0xd6e/0x1480
[ 1978.327727]  ? netdev_change_features+0xb0/0xb0
[ 1978.328305]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1978.328840]  __tun_chr_ioctl+0x2156/0x3f60
[ 1978.329365]  ? lock_downgrade+0x6d0/0x6d0
[ 1978.329873]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1978.330468]  ? tun_chr_poll+0x700/0x700
[ 1978.330971]  ? wait_for_completion_io+0x270/0x270
[ 1978.331571]  ? selinux_file_ioctl+0xb6/0x270
[ 1978.332119]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1978.332668]  __x64_sys_ioctl+0x19a/0x210
[ 1978.333173]  do_syscall_64+0x33/0x40
[ 1978.333629]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1978.334276] RIP: 0033:0x7f7955930b19
[ 1978.334732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1978.336981] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1978.337906] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1978.338787] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1978.339658] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1978.340531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1978.341403] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1978.342295] CPU: 0 PID: 10172 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1978.343203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1978.344257] Call Trace:
[ 1978.344602]  dump_stack+0x107/0x167
[ 1978.345080]  warn_alloc.cold+0x95/0x18a
[ 1978.345603]  ? zone_watermark_ok_safe+0x260/0x260
[ 1978.346239]  ? __get_vm_area_node+0xd4/0x340
[ 1978.346832]  ? __kasan_kmalloc.constprop.0+0xa2/0xd0
[ 1978.347488]  ? __get_vm_area_node+0x262/0x340
[ 1978.348075]  __vmalloc_node_range+0x58f/0x9e0
[ 1978.348661]  ? n_tty_open+0x16/0x170
[ 1978.349156]  ? __vmalloc_node+0x110/0x110
[ 1978.349693]  ? up_write+0x191/0x550
[ 1978.350164]  ? down_write_killable+0x180/0x180
[ 1978.350772]  ? n_tty_open+0x16/0x170
[ 1978.351265]  __vmalloc_node+0xb5/0x110
[ 1978.351774]  ? n_tty_open+0x16/0x170
[ 1978.352261]  n_tty_open+0x16/0x170
[ 1978.352728]  ? n_tty_set_termios+0x1010/0x1010
[ 1978.353317]  tty_ldisc_open+0xa2/0x120
[ 1978.353828]  tty_ldisc_setup+0x90/0x100
[ 1978.354344]  tty_init_dev.part.0+0x1fa/0x610
[ 1978.354929]  ? pty_open+0x310/0x310
[ 1978.355389]  tty_init_dev+0x5b/0x80
[ 1978.355868]  ptmx_open+0x116/0x370
[ 1978.356339]  ? pty_open+0x310/0x310
[ 1978.356819]  chrdev_open+0x268/0x6e0
[ 1978.357305]  ? __unregister_chrdev+0x110/0x110
[ 1978.357902]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1978.358518]  do_dentry_open+0x4b7/0x1090
[ 1978.359073]  ? __unregister_chrdev+0x110/0x110
[ 1978.359662]  ? may_open+0x1e4/0x400
[ 1978.360147]  path_openat+0x19ba/0x2770
[ 1978.360665]  ? path_lookupat+0x860/0x860
[ 1978.361211]  ? lock_acquire+0x197/0x470
[ 1978.361728]  ? find_held_lock+0x2c/0x110
[ 1978.362288]  do_filp_open+0x190/0x3e0
[ 1978.362796]  ? may_open_dev+0xf0/0xf0
[ 1978.363316]  ? do_raw_spin_lock+0x121/0x260
[ 1978.363887]  ? rwlock_bug.part.0+0x90/0x90
[ 1978.364454]  ? _raw_spin_unlock+0x1a/0x30
[ 1978.365001]  ? alloc_fd+0x2e7/0x670
[ 1978.365498]  do_sys_openat2+0x171/0x4d0
[ 1978.366033]  ? build_open_flags+0x6f0/0x6f0
[ 1978.366615]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1978.367277]  ? wait_for_completion_io+0x270/0x270
[ 1978.367910]  __x64_sys_openat+0x13f/0x1f0
[ 1978.368449]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1978.368996]  ? ksys_write+0x1a9/0x260
[ 1978.369501]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1978.370175]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1978.370854]  do_syscall_64+0x33/0x40
[ 1978.371343]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1978.372010] RIP: 0033:0x7f7574521b19
[ 1978.372490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1978.374831] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1978.375816] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1978.376735] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1978.377648] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1978.378572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1978.379513] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1978.380540] Mem-Info:
[ 1978.381031] active_anon:55 inactive_anon:53535 isolated_anon:0
[ 1978.381031]  active_file:15552 inactive_file:73296 isolated_file:0
[ 1978.381031]  unevictable:3 dirty:357 writeback:0
[ 1978.381031]  slab_reclaimable:9006 slab_unreclaimable:63862
[ 1978.381031]  mapped:82497 shmem:662 pagetables:1730 bounce:0
[ 1978.381031]  free:89006 free_pcp:500 free_cma:0
[ 1978.385216] Node 0 active_anon:220kB inactive_anon:214140kB active_file:62208kB inactive_file:293184kB unevictable:12kB isolated(anon):0kB isolated(file):0kB mapped:329988kB dirty:1512kB writeback:0kB shmem:2648kB writeback_tmp:0kB kernel_stack:4736kB all_unreclaimable? no
[ 1978.388399] Node 0 DMA free:15908kB min:48kB low:60kB high:72kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1978.391944] lowmem_reserve[]: 0 1616 1616 1616
[ 1978.392659] Node 0 DMA32 free:340020kB min:5116kB low:6768kB high:8420kB reserved_highatomic:0KB active_anon:220kB inactive_anon:214140kB active_file:62208kB inactive_file:293184kB unevictable:12kB writepending:1708kB present:2080640kB managed:1660468kB mlocked:0kB pagetables:6920kB bounce:0kB free_pcp:1980kB local_pcp:544kB free_cma:0kB
[ 1978.396608] lowmem_reserve[]: 0 0 0 0
[ 1978.397245] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1978.399363] Node 0 DMA32: 211*4kB (UME) 533*8kB (UME) 346*16kB (UME) 137*32kB (UME) 78*64kB (UM) 101*128kB (UME) 57*256kB (UME) 37*512kB (UM) 19*1024kB (U) 18*2048kB (UM) 53*4096kB (UM) = 339892kB
[ 1978.401920] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1978.403196] 31262 total pagecache pages
[ 1978.403710] 0 pages in swap cache
[ 1978.404284] Swap cache stats: add 0, delete 0, find 0/0
[ 1978.405071] Free swap  = 0kB
[ 1978.405510] Total swap = 0kB
[ 1978.405954] 524158 pages RAM
[ 1978.406430] 0 pages HighMem/MovableOnly
[ 1978.407063] 105064 pages reserved
[ 1978.409669] FAULT_INJECTION: forcing a failure.
[ 1978.409669] name failslab, interval 1, probability 0, space 0, times 0
[ 1978.411169] CPU: 1 PID: 10177 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1978.412065] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1978.413138] Call Trace:
[ 1978.413488]  dump_stack+0x107/0x167
[ 1978.413966]  should_fail.cold+0x5/0xa
[ 1978.414465]  ? create_object.isra.0+0x3a/0xa20
[ 1978.415105]  should_failslab+0x5/0x20
[ 1978.415601]  kmem_cache_alloc+0x5b/0x310
[ 1978.416138]  create_object.isra.0+0x3a/0xa20
[ 1978.416713]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1978.417369]  kmem_cache_alloc+0x159/0x310
[ 1978.417916]  __kernfs_new_node+0xd4/0x860
[ 1978.418425]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1978.419020]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1978.419607]  ? wait_for_completion_io+0x270/0x270
[ 1978.420192]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1978.420829]  kernfs_new_node+0x18d/0x250
[ 1978.421323]  __kernfs_create_file+0x51/0x350
[ 1978.421880]  sysfs_add_file_mode_ns+0x221/0x560
[ 1978.422448]  internal_create_group+0x324/0xb30
[ 1978.423247]  ? sysfs_remove_group+0x170/0x170
[ 1978.423834]  ? kernfs_add_one+0x124/0x4d0
20:12:31 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

[ 1978.424380]  ? kernfs_create_link+0x1b7/0x230
[ 1978.425022]  internal_create_groups.part.0+0x90/0x140
[ 1978.425856]  sysfs_create_groups+0x25/0x50
[ 1978.426547]  device_add+0x7a9/0x1c50
[ 1978.427164]  ? lockdep_init_map_type+0x2c7/0x780
[ 1978.427914]  ? devlink_add_symlinks+0x970/0x970
[ 1978.428666]  netdev_register_kobject+0x17a/0x3b0
[ 1978.429345]  register_netdevice+0xd6e/0x1480
[ 1978.429945]  ? netdev_change_features+0xb0/0xb0
[ 1978.430577]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1978.431169]  __tun_chr_ioctl+0x2156/0x3f60
[ 1978.431741]  ? lock_downgrade+0x6d0/0x6d0
[ 1978.432283]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1978.432911]  ? tun_chr_poll+0x700/0x700
[ 1978.433432]  ? wait_for_completion_io+0x270/0x270
[ 1978.434074]  ? selinux_file_ioctl+0xb6/0x270
[ 1978.434687]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1978.435292]  __x64_sys_ioctl+0x19a/0x210
[ 1978.435831]  do_syscall_64+0x33/0x40
[ 1978.436319]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1978.437001] RIP: 0033:0x7fc68ced6b19
[ 1978.437489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1978.439848] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1978.440769] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1978.441629] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1978.442490] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1978.443426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1978.444358] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:12:31 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x100000000000000)

20:12:31 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x506a4580f8c6d009, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x50800, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_setup(0x5166, &(0x7f0000000100)={0x0, 0x4000ae4d, 0x20, 0x2, 0x2d6, 0x0, r0}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0)=<r4=>0x0, &(0x7f0000000200))
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000002a40)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x6, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x18}, 0x1)
r7 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r10}}, 0x0)
syz_io_uring_submit(r4, r6, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r10}}, 0x7)
r11 = inotify_init1(0x800)
r12 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd=r11, 0x81, &(0x7f0000000240)=""/1, 0x1, 0xc, 0x0, {0x0, r12}}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1978.526489] ptm ptm0: ldisc open failed (-12), clearing slot 0
20:12:45 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 99)

[ 1992.420194] FAULT_INJECTION: forcing a failure.
[ 1992.420194] name failslab, interval 1, probability 0, space 0, times 0
[ 1992.421668] CPU: 1 PID: 10208 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1992.422506] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1992.423527] Call Trace:
[ 1992.423856]  dump_stack+0x107/0x167
[ 1992.424303]  should_fail.cold+0x5/0xa
[ 1992.424771]  ? create_object.isra.0+0x3a/0xa20
[ 1992.425332]  should_failslab+0x5/0x20
[ 1992.425796]  kmem_cache_alloc+0x5b/0x310
[ 1992.426294]  ? lock_chain_count+0x20/0x20
[ 1992.426801]  create_object.isra.0+0x3a/0xa20
[ 1992.431377]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1992.432003]  kmem_cache_alloc_node_trace+0x16d/0x340
[ 1992.432625]  __get_vm_area_node+0xd4/0x340
[ 1992.433145]  __vmalloc_node_range+0x13f/0x9e0
[ 1992.433689]  ? n_tty_open+0x16/0x170
[ 1992.434140]  ? n_tty_open+0x16/0x170
[ 1992.434598]  ? __vmalloc_node+0x110/0x110
[ 1992.435107]  ? up_write+0x191/0x550
[ 1992.435568]  ? down_write_killable+0x180/0x180
[ 1992.436122]  ? n_tty_open+0x16/0x170
[ 1992.436573]  __vmalloc_node+0xb5/0x110
[ 1992.437045]  ? n_tty_open+0x16/0x170
[ 1992.437498]  n_tty_open+0x16/0x170
[ 1992.437935]  ? n_tty_set_termios+0x1010/0x1010
[ 1992.438495]  tty_ldisc_open+0xa2/0x120
[ 1992.438968]  tty_ldisc_setup+0x90/0x100
[ 1992.439492]  tty_init_dev.part.0+0x1fa/0x610
[ 1992.440028]  ? pty_open+0x310/0x310
[ 1992.440466]  tty_init_dev+0x5b/0x80
[ 1992.440907]  ptmx_open+0x116/0x370
[ 1992.441340]  ? pty_open+0x310/0x310
[ 1992.443775] FAULT_INJECTION: forcing a failure.
[ 1992.443775] name failslab, interval 1, probability 0, space 0, times 0
[ 1992.447702]  chrdev_open+0x268/0x6e0
[ 1992.447717]  ? __unregister_chrdev+0x110/0x110
[ 1992.447743]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1992.450630]  do_dentry_open+0x4b7/0x1090
[ 1992.451128]  ? __unregister_chrdev+0x110/0x110
[ 1992.451710]  ? may_open+0x1e4/0x400
[ 1992.452157]  path_openat+0x19ba/0x2770
[ 1992.452637]  ? path_lookupat+0x860/0x860
[ 1992.453134]  ? lock_acquire+0x197/0x470
[ 1992.453615]  ? find_held_lock+0x2c/0x110
[ 1992.454121]  do_filp_open+0x190/0x3e0
[ 1992.454582]  ? may_open_dev+0xf0/0xf0
[ 1992.455055]  ? do_raw_spin_lock+0x121/0x260
[ 1992.455611]  ? rwlock_bug.part.0+0x90/0x90
[ 1992.456132]  ? _raw_spin_unlock+0x1a/0x30
[ 1992.456635]  ? alloc_fd+0x2e7/0x670
[ 1992.457087]  do_sys_openat2+0x171/0x4d0
[ 1992.457572]  ? build_open_flags+0x6f0/0x6f0
[ 1992.458097]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1992.458684]  ? wait_for_completion_io+0x270/0x270
[ 1992.459297]  __x64_sys_openat+0x13f/0x1f0
[ 1992.459817]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1992.460333]  ? ksys_write+0x1a9/0x260
[ 1992.460801]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1992.461440]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1992.462070]  do_syscall_64+0x33/0x40
[ 1992.462522]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1992.463145] RIP: 0033:0x7f7574521b19
[ 1992.463630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1992.465848] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1992.466770] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1992.467676] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1992.468538] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1992.469401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1992.470263] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1992.471150] CPU: 0 PID: 10202 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1992.472021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1992.473024] Call Trace:
[ 1992.473356]  dump_stack+0x107/0x167
[ 1992.473799]  should_fail.cold+0x5/0xa
[ 1992.474268]  ? create_object.isra.0+0x3a/0xa20
[ 1992.474826]  should_failslab+0x5/0x20
[ 1992.475304]  kmem_cache_alloc+0x5b/0x310
[ 1992.475805]  create_object.isra.0+0x3a/0xa20
[ 1992.476341]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1992.476960]  kmem_cache_alloc+0x159/0x310
[ 1992.477474]  __kernfs_new_node+0xd4/0x860
[ 1992.477993]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1992.478580]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1992.479170]  ? wait_for_completion_io+0x270/0x270
[ 1992.479770]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1992.480417]  kernfs_new_node+0x18d/0x250
[ 1992.480920]  __kernfs_create_file+0x51/0x350
[ 1992.481461]  sysfs_add_file_mode_ns+0x221/0x560
[ 1992.482037]  internal_create_group+0x324/0xb30
[ 1992.482608]  ? sysfs_remove_group+0x170/0x170
[ 1992.483160]  ? kernfs_add_one+0x124/0x4d0
[ 1992.483696]  ? kernfs_create_link+0x1b7/0x230
[ 1992.484253]  internal_create_groups.part.0+0x90/0x140
[ 1992.484880]  sysfs_create_groups+0x25/0x50
[ 1992.485397]  device_add+0x138f/0x1c50
[ 1992.485870]  ? lockdep_init_map_type+0x2c7/0x780
[ 1992.486453]  ? devlink_add_symlinks+0x970/0x970
[ 1992.487031]  netdev_register_kobject+0x17a/0x3b0
[ 1992.487632]  register_netdevice+0xd6e/0x1480
[ 1992.488173]  ? netdev_change_features+0xb0/0xb0
[ 1992.488743]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1992.489277]  __tun_chr_ioctl+0x2156/0x3f60
[ 1992.489794]  ? lock_downgrade+0x6d0/0x6d0
[ 1992.490301]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1992.490887]  ? tun_chr_poll+0x700/0x700
[ 1992.491396]  ? wait_for_completion_io+0x270/0x270
[ 1992.491992]  ? selinux_file_ioctl+0xb6/0x270
[ 1992.492532]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1992.493083]  __x64_sys_ioctl+0x19a/0x210
[ 1992.493580]  do_syscall_64+0x33/0x40
[ 1992.494033]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1992.494658] RIP: 0033:0x7f7955930b19
[ 1992.495133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1992.497385] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1992.498313] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1992.499181] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1992.500059] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1992.500926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1992.501794] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
20:12:45 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

20:12:45 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x2000000000000000)

20:12:45 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 32)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:12:45 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x500)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:12:45 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 60)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:12:45 executing program 0:
gettid()
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = syz_open_dev$mouse(&(0x7f00000003c0), 0x100000000, 0x404000)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x7)
r7 = pidfd_getfd(r0, 0xffffffffffffffff, 0x0)
io_submit(0x0, 0x3, &(0x7f0000000900)=[&(0x7f00000006c0)={0x0, 0x0, 0x0, 0x1, 0x2, r1, &(0x7f0000000640)="005b8e56003b877bdb8c7a1c758f43d7a7e46e9114a398c4e0507e9f46323d7b785da19f26b372363d60c9e106ee9e44ac24991d4805536267d2601d6b9ab7f9356ed6ccfa39d286621e566c74827b5041fedf1ef980c1248a", 0x59, 0xef, 0x0, 0x1}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x8, 0x7fff, r4, &(0x7f0000000700)="7ee59a962544fb2a05dc298cadbc664fed26c1789c420179bcb875d6a216d369740385fa781f064eb7552ea3f5eb827b327bbc5a93c9f7b97cbe26a686d527aee15e68fae77e851b68ff0eddb8a064a00e6ca9e61276f38f60388bd89d88", 0x5e, 0x8000, 0x0, 0x1, r3}, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x7, r6, &(0x7f00000007c0)="6b2aa03ef2d1030f46103e3768976dc8c49751fd6548b063a95b1cf022aaa732becd8654a1ef5d76219f77031b6d61840ad8b80feed159fe042cf6b431b338ba41fb5510e09c168d876fe4871172386cd33180a38d3b8bbb2b58ae2daa8fead0c1045494303def13c9d09df260ff281bf66085ec4048b3dd90b3ed2439801147de9eb81fa346a7433200f333e7964d98c227bb637787b0dc39fdcb8df28397a367484b06e988cc903028b4fcea94477fa121c74d31bd6d1b05a989848f07186e61500fa58fa5d78fbd7028572d898209055438d45d1b97909667773f6b6cb38e1b2b2b3e745528230732a802d04e1c4565ed925532396012820a176e572df3", 0xff, 0x8, 0x0, 0x5, r7}])
sendmsg$nl_generic(r1, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x20001249}, 0xc, &(0x7f00000005c0)={&(0x7f0000000940)={0x44, 0x3c, 0x2, 0x70bd2d, 0x25dfdbfe, {0x20}, [@generic="d4c79793596f77fae9917feca347c75e9083ee643dbb1393eac317e6988a", @typed={0x8, 0x80, 0x0, 0x0, @u32}, @typed={0x8, 0x47, 0x0, 0x0, @u32=0x8001}]}, 0x44}, 0x1, 0x0, 0x0, 0x40080}, 0x850)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_CONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000009c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="850000000000000000000200000008000300a3f138f74c96c398a5a326e8dd15892eb1cec6ce84054db1d519dcd3ad05b64ddc68de72f4228a4eb42121bd05fe44ff5d3e2e", @ANYRES32=r10, @ANYBLOB="0c0040e32c86e86f3531276da7f4d034307107c4247a60d8b635ee0aa41a8184630800000000000000534944ac"], 0x30}}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
splice(r1, &(0x7f0000000400)=0x3, r2, &(0x7f0000000440)=0x2, 0x3, 0xc)
sendmsg$nl_generic(r0, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000300)={&(0x7f0000000100)={0x1d0, 0x2d, 0x800, 0x70bd28, 0x25dfdbfb, {0x1c}, [@typed={0x14, 0x2, 0x0, 0x0, @ipv6=@empty}, @generic="97b97ac0c0bb555fbfe1ad012b0fc10ca691dad744ac07f7de93278e89f3b328d179eb37f911ab44", @nested={0x8c, 0x2c, 0x0, 0x1, [@typed={0x8, 0x51, 0x0, 0x0, @ipv4=@remote}, @generic="4d92064bf9ec58657234f0524dfa9ba2dba41114cc8dd28cd33d587301fed2c674a44d72062cfb9d5134ebcc847b769342c77fffdcdf6c828329b54bd1f2e4a429884e78ec668d3962b2bf6af7bdfb4c09a4bb2a08508523411014090a22149e9683bd4432eafed4bf509ffb429df0ad8211032a1632b44921de1f6d08198614"]}, @typed={0x9, 0x69, 0x0, 0x0, @str='debug'}, @typed={0xe5, 0x80, 0x0, 0x0, @binary="4ad7316b833e9fc2b314c7e6de47bb848e7a95a9ad3c11cce3d8e5962935b24b7ccb20d7728d1d63af87aa78cfba3ce464ba4ce7faf03d73e1a71b3c68a3079f498d7ef15c0a16c3c898ea8a195d392ef429bf2df2199803c3c2ac071f8792928a2514cfff8d7619ed4a5f92bf3273b821813cbcc3aeb74b330a16c32acea1d377642bf734a34f2c6e564533d29fbcac18be8a9327b24d99b9692ff16e580680f67c4f82691c9b1a9f642c775b4cb89389f37fe98ee8d6b69dc45c0dc11be2afef174fb0c00723463c7ba99ba1a10c2a7e324c7747e165a58fde58fc32832c6459"}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000)
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000380)={[{@dots}, {@fat=@debug}, {@nodots}]})
openat(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x80, 0x3)
ioctl$AUTOFS_IOC_ASKUMOUNT(r3, 0x80049370, &(0x7f00000004c0))

20:12:45 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000002a40)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x6, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x18}, 0x1)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000004, 0x30, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r5, r7, &(0x7f0000000100)=@IORING_OP_MADVISE={0x19, 0x4, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3}, 0x96)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1992.513268] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
20:12:45 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r5, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ASYNC_CANCEL={0xe, 0x3, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x0, {0x0, r6}}, 0x1f)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1992.558889] FAULT_INJECTION: forcing a failure.
[ 1992.558889] name failslab, interval 1, probability 0, space 0, times 0
[ 1992.566144] CPU: 1 PID: 10216 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1992.567001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1992.568027] Call Trace:
[ 1992.568359]  dump_stack+0x107/0x167
[ 1992.568804]  should_fail.cold+0x5/0xa
[ 1992.569271]  ? create_object.isra.0+0x3a/0xa20
[ 1992.569829]  should_failslab+0x5/0x20
[ 1992.570293]  kmem_cache_alloc+0x5b/0x310
[ 1992.570793]  create_object.isra.0+0x3a/0xa20
[ 1992.571363]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1992.571986]  kmem_cache_alloc+0x159/0x310
[ 1992.572502]  __kernfs_new_node+0xd4/0x860
[ 1992.573020]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1992.573606]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1992.574195]  ? wait_for_completion_io+0x270/0x270
[ 1992.574787]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1992.575445]  kernfs_new_node+0x18d/0x250
[ 1992.575941]  __kernfs_create_file+0x51/0x350
[ 1992.576479]  sysfs_add_file_mode_ns+0x221/0x560
[ 1992.577048]  internal_create_group+0x324/0xb30
[ 1992.577609]  ? sysfs_remove_group+0x170/0x170
[ 1992.578154]  ? kernfs_add_one+0x124/0x4d0
[ 1992.578659]  ? kernfs_create_link+0x1b7/0x230
[ 1992.579204]  internal_create_groups.part.0+0x90/0x140
[ 1992.579861]  sysfs_create_groups+0x25/0x50
[ 1992.580378]  device_add+0x7a9/0x1c50
[ 1992.580834]  ? lockdep_init_map_type+0x2c7/0x780
[ 1992.581405]  ? devlink_add_symlinks+0x970/0x970
[ 1992.581981]  netdev_register_kobject+0x17a/0x3b0
[ 1992.582558]  register_netdevice+0xd6e/0x1480
[ 1992.583095]  ? netdev_change_features+0xb0/0xb0
[ 1992.583690]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1992.584229]  __tun_chr_ioctl+0x2156/0x3f60
[ 1992.584742]  ? lock_downgrade+0x6d0/0x6d0
[ 1992.585248]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1992.585830]  ? tun_chr_poll+0x700/0x700
[ 1992.586315]  ? wait_for_completion_io+0x270/0x270
[ 1992.586905]  ? selinux_file_ioctl+0xb6/0x270
[ 1992.591482]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1992.592040]  __x64_sys_ioctl+0x19a/0x210
[ 1992.592534]  do_syscall_64+0x33/0x40
[ 1992.592991]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1992.593611] RIP: 0033:0x7fc68ced6b19
[ 1992.594067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1992.596308] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1992.597232] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1992.598101] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1992.598968] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1992.599855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1992.600725] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
[ 1992.621292] FAT-fs (loop0): bogus number of reserved sectors
[ 1992.622185] FAT-fs (loop0): Can't find a valid FAT filesystem
20:12:46 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="3472616e733d666478312e8b22a54c6f50aaf0f942c78090cc1852c74f8ba24b633260ee071be3be8a97aaa0a8725cb4a1819968494a801fd6bfd67441735ddffa88db4feb7f03440f276a02cd3c9451a95d69943b1ae6c80000", @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x3, 0x80, 0x5, 0x0, 0xfe, 0xff, 0x0, 0x20000000000430b, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, @perf_config_ext, 0x0, 0x0, 0x1, 0x0, 0x400000000000, 0x0, 0x0, 0x0, 0x101, 0x0, 0x4}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
pipe(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
sendfile(r0, r4, &(0x7f0000000140), 0x8000)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x4, 0x88033, r5, 0x8000000)
pipe(&(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
syz_io_uring_submit(r7, r2, &(0x7f0000000100)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x2000, @fd=r9, 0x0, &(0x7f0000000200)=""/80, 0x50, 0x10}, 0x401)
syz_io_uring_submit(r6, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x0)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:12:46 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a5d, &(0x7f0000000100)={0x0, 0x63e, 0x8, 0x0, 0x152, 0x0, r0}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200))
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@msize={'msize', 0x3d, 0x800003}}]}})
r7 = open(&(0x7f0000000240)='./file0\x00', 0x1, 0xa)
sendfile(r5, r7, &(0x7f0000000280)=0xffffffff, 0x7)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1992.701381] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
20:12:46 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) (fail_nth: 33)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000b00)=ANY=[@ANYBLOB="7f454c460102021f020000000000000002000600000000002a000000000000004000000000000000700100000000000000000080080038000100f7ff01040000100000600000000000000000000000000500000000000000010000000000000000000000945400000100000000000000020000000500000001000000000000003f0000000000000001000000010000005e000000000000000800000000000000000200000000000051957fba74866657b556fe491bd19c48ea2875a7ecd6d9696476a0d903f07b87c5d59bfbadc15cf8f7da4a8aaa318d27b5b87295fb206e5b7a709b9033c76b73c10b2e55681c548583761dd428de3bde8e0e760f0162898b02e19e6686097bfa8156028d970b2e25009f91188711000000000000000000000000000000000000000000004031dcb0c9fdaa95016a6b3fe4e08f42000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000042f39500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ccd300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aba4fe619eb6d7aaa47ff8c3d57ea76498a1a53f6c069f40e26662ff8dfd6eee983685db9c762f9456c1ecfd5d3771a2aca63a59dc099aeae7162322535261ccb9bba5ed65679a5c1413d5fb890e424fa3d60ee477ba42e10c5ae40f7e8f5484e0586a7bb04fe73ee9f258c3c7d96b6b028598c80eb8168f801a49279ecee66e92593b0d822d3937cc2b5311dcc2bb08f98ddfae66cef5a972fe6e398ab4f1a015e9edb3ff7b257ab2dae26da18a"], 0x32c)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
dup3(0xffffffffffffffff, r3, 0x80000)

20:12:46 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 100)

20:12:46 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x600)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

20:12:46 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB=',msize=0x0000000000800003,\x00'])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
r6 = openat2(r0, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)={0xa02, 0x88, 0x19}, 0x18)
pidfd_getfd(r6, r0, 0x0)
io_uring_enter(r1, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

[ 1992.803443] FAULT_INJECTION: forcing a failure.
[ 1992.803443] name failslab, interval 1, probability 0, space 0, times 0
[ 1992.804952] CPU: 1 PID: 10243 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1992.805801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1992.806816] Call Trace:
[ 1992.807146]  dump_stack+0x107/0x167
[ 1992.807620]  should_fail.cold+0x5/0xa
[ 1992.808089]  ? alloc_vmap_area+0x148/0x1d10
[ 1992.808614]  should_failslab+0x5/0x20
[ 1992.809079]  kmem_cache_alloc_node+0x55/0x330
[ 1992.809632]  alloc_vmap_area+0x148/0x1d10
[ 1992.810136]  ? kmem_cache_alloc_node_trace+0x16d/0x340
[ 1992.810781]  ? mark_held_locks+0x9e/0xe0
[ 1992.811288]  ? purge_vmap_area_lazy+0xc0/0xc0
[ 1992.811845]  ? kasan_unpoison_shadow+0x33/0x50
[ 1992.812400]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1992.813018]  __get_vm_area_node+0x127/0x340
[ 1992.813549]  __vmalloc_node_range+0x13f/0x9e0
[ 1992.814093]  ? n_tty_open+0x16/0x170
[ 1992.814545]  ? n_tty_open+0x16/0x170
[ 1992.815003]  ? __vmalloc_node+0x110/0x110
[ 1992.815537]  ? up_write+0x191/0x550
[ 1992.815983]  ? down_write_killable+0x180/0x180
[ 1992.816537]  ? n_tty_open+0x16/0x170
[ 1992.816988]  __vmalloc_node+0xb5/0x110
[ 1992.817464]  ? n_tty_open+0x16/0x170
[ 1992.817917]  n_tty_open+0x16/0x170
[ 1992.818348]  ? n_tty_set_termios+0x1010/0x1010
[ 1992.818899]  tty_ldisc_open+0xa2/0x120
[ 1992.819405]  tty_ldisc_setup+0x90/0x100
[ 1992.819890]  tty_init_dev.part.0+0x1fa/0x610
[ 1992.820427]  ? pty_open+0x310/0x310
[ 1992.820867]  tty_init_dev+0x5b/0x80
[ 1992.821313]  ptmx_open+0x116/0x370
[ 1992.821746]  ? pty_open+0x310/0x310
[ 1992.822190]  chrdev_open+0x268/0x6e0
[ 1992.822644]  ? __unregister_chrdev+0x110/0x110
[ 1992.823203]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1992.823802]  do_dentry_open+0x4b7/0x1090
[ 1992.824309]  ? __unregister_chrdev+0x110/0x110
[ 1992.824876]  ? may_open+0x1e4/0x400
[ 1992.825320]  path_openat+0x19ba/0x2770
[ 1992.825802]  ? path_lookupat+0x860/0x860
[ 1992.826318]  ? lock_acquire+0x197/0x470
[ 1992.826800]  ? find_held_lock+0x2c/0x110
[ 1992.827315]  do_filp_open+0x190/0x3e0
[ 1992.827781]  ? may_open_dev+0xf0/0xf0
[ 1992.828252]  ? do_raw_spin_lock+0x121/0x260
[ 1992.828777]  ? rwlock_bug.part.0+0x90/0x90
[ 1992.829296]  ? _raw_spin_unlock+0x1a/0x30
[ 1992.829799]  ? alloc_fd+0x2e7/0x670
[ 1992.830249]  do_sys_openat2+0x171/0x4d0
[ 1992.830739]  ? build_open_flags+0x6f0/0x6f0
[ 1992.831272]  ? __mutex_unlock_slowpath+0xe1/0x600
20:12:46 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
flock(r0, 0xc)
read(0xffffffffffffffff, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)={'L-', 0x1}, 0x16, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x401, 0x0, 0x0, 'queue1\x00'})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000002)
r4 = openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x100000001)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB="b49f0d34b619aa59598bc42f07e3537b802900ef658d31f55e3df50fda7939e7456e524eb72667333495e9d50bef3ee4208e0cdcfb6e27ce5226d4f30bdaa6a503297d63059bbbd21a0bb987900498b6beeee57a653ff30d20fdf378470ab025cb34fe0d3ab81875", @ANYRESHEX=r7, @ANYBLOB=',msize=0x0000000000800003,\x00'])
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0)

[ 1992.831878]  ? wait_for_completion_io+0x270/0x270
[ 1992.835853]  __x64_sys_openat+0x13f/0x1f0
[ 1992.836360]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1992.836878]  ? ksys_write+0x1a9/0x260
[ 1992.837348]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1992.837986]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1992.838615]  do_syscall_64+0x33/0x40
[ 1992.839068]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1992.839704] RIP: 0033:0x7f7574521b19
[ 1992.840157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1992.842384] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1992.843323] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1992.844189] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
20:12:46 executing program 1:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open$cgroup(&(0x7f0000000300)={0x4, 0x80, 0x5, 0x1, 0x7f, 0x4, 0x0, 0x8, 0x4100, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xffffff00, 0x0, @perf_config_ext={0x0, 0x4}, 0x8020, 0x101, 0x4fb3, 0x0, 0x9, 0x9, 0x1ff, 0x0, 0x6}, 0xffffffffffffffff, 0x9, r0, 0x7)
perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x5, 0x40, 0x7, 0x40, 0x0, 0xfff, 0x12400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x6, 0x0, @perf_config_ext={0x2, 0x10000}, 0x400, 0x80000001, 0x4, 0x4, 0x3, 0x388a, 0x1, 0x0, 0x100, 0x0, 0x4}, 0x0, 0xf, r1, 0x9)
r2 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000100)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x7)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r2, 0x8000000)
syz_io_uring_submit(r6, r4, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r5, 0x0, 0x0}, 0x80000001)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000000, 0x1010, r2, 0x0)
r8 = syz_io_uring_setup(0x3ca0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r11}}, 0x0)
syz_io_uring_submit(r7, 0x0, &(0x7f0000000140)=@IORING_OP_MADVISE={0x19, 0x3, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xf, 0x1, {0x0, r11}}, 0x1)
io_uring_enter(r2, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1992.845054] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1992.856940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1992.858671] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1992.860828] syz-executor.7: vmalloc: allocation failure: 9120 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz7,mems_allowed=0
[ 1992.864162] CPU: 1 PID: 10243 Comm: syz-executor.7 Not tainted 5.10.226 #1
[ 1992.865837] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1992.867968] Call Trace:
[ 1992.868577]  dump_stack+0x107/0x167
[ 1992.869435]  warn_alloc.cold+0x95/0x18a
[ 1992.870368]  ? zone_watermark_ok_safe+0x260/0x260
[ 1992.871556]  ? slab_free_freelist_hook+0xa9/0x180
[ 1992.872719]  ? __get_vm_area_node+0x2cf/0x340
[ 1992.873799]  ? kasan_unpoison_shadow+0x33/0x50
[ 1992.874900]  ? __get_vm_area_node+0x262/0x340
[ 1992.876117]  __vmalloc_node_range+0x58f/0x9e0
[ 1992.877170]  ? n_tty_open+0x16/0x170
[ 1992.878055]  ? __vmalloc_node+0x110/0x110
[ 1992.879022]  ? up_write+0x191/0x550
[ 1992.880032]  ? down_write_killable+0x180/0x180
[ 1992.881143]  ? n_tty_open+0x16/0x170
[ 1992.882031]  __vmalloc_node+0xb5/0x110
[ 1992.882957]  ? n_tty_open+0x16/0x170
[ 1992.883955]  n_tty_open+0x16/0x170
[ 1992.884782]  ? n_tty_set_termios+0x1010/0x1010
[ 1992.885847]  tty_ldisc_open+0xa2/0x120
[ 1992.886788]  tty_ldisc_setup+0x90/0x100
[ 1992.887837]  tty_init_dev.part.0+0x1fa/0x610
[ 1992.888892]  ? pty_open+0x310/0x310
[ 1992.889759]  tty_init_dev+0x5b/0x80
[ 1992.890633]  ptmx_open+0x116/0x370
[ 1992.891525]  ? pty_open+0x310/0x310
[ 1992.892377]  chrdev_open+0x268/0x6e0
[ 1992.893246]  ? __unregister_chrdev+0x110/0x110
[ 1992.894357]  ? fsnotify_perm.part.0+0x22d/0x620
[ 1992.895556]  do_dentry_open+0x4b7/0x1090
[ 1992.896529]  ? __unregister_chrdev+0x110/0x110
[ 1992.897625]  ? may_open+0x1e4/0x400
[ 1992.898497]  path_openat+0x19ba/0x2770
[ 1992.899471]  ? path_lookupat+0x860/0x860
[ 1992.900424]  ? lock_acquire+0x197/0x470
[ 1992.901350]  ? find_held_lock+0x2c/0x110
[ 1992.902306]  do_filp_open+0x190/0x3e0
[ 1992.903197]  ? may_open_dev+0xf0/0xf0
[ 1992.903724]  ? do_raw_spin_lock+0x121/0x260
[ 1992.904255]  ? rwlock_bug.part.0+0x90/0x90
[ 1992.904778]  ? _raw_spin_unlock+0x1a/0x30
[ 1992.905281]  ? alloc_fd+0x2e7/0x670
[ 1992.905736]  do_sys_openat2+0x171/0x4d0
[ 1992.906224]  ? build_open_flags+0x6f0/0x6f0
[ 1992.906757]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1992.907412]  ? wait_for_completion_io+0x270/0x270
[ 1992.908010]  __x64_sys_openat+0x13f/0x1f0
[ 1992.908521]  ? __ia32_sys_open+0x1c0/0x1c0
[ 1992.909035]  ? ksys_write+0x1a9/0x260
[ 1992.909504]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1992.910150]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1992.910777]  do_syscall_64+0x33/0x40
[ 1992.911234]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1992.912732] RIP: 0033:0x7f7574521b19
[ 1992.913643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1992.916715] RSP: 002b:00007f7571a97188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1992.917640] RAX: ffffffffffffffda RBX: 00007f7574634f60 RCX: 00007f7574521b19
[ 1992.918506] RDX: 0000000000000c02 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1992.919483] RBP: 00007f7571a971d0 R08: 0000000000000000 R09: 0000000000000000
[ 1992.920351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1992.921218] R13: 00007fffd255ec7f R14: 00007f7571a97300 R15: 0000000000022000
[ 1992.923426] Mem-Info:
[ 1992.923758] active_anon:56 inactive_anon:53678 isolated_anon:0
[ 1992.923758]  active_file:15625 inactive_file:73414 isolated_file:0
[ 1992.923758]  unevictable:189 dirty:727 writeback:0
[ 1992.923758]  slab_reclaimable:9013 slab_unreclaimable:64241
[ 1992.923758]  mapped:82810 shmem:662 pagetables:1745 bounce:0
[ 1992.923758]  free:87130 free_pcp:367 free_cma:0
[ 1992.928329] Node 0 active_anon:224kB inactive_anon:214712kB active_file:62500kB inactive_file:293656kB unevictable:1008kB isolated(anon):0kB isolated(file):0kB mapped:331492kB dirty:2908kB writeback:0kB shmem:2648kB writeback_tmp:0kB kernel_stack:4768kB all_unreclaimable? no
[ 1992.934631] Node 0 DMA free:15908kB min:48kB low:60kB high:72kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1992.942056] lowmem_reserve[]: 0 1616 1616 1616
[ 1992.943335] Node 0 DMA32 free:331496kB min:5116kB low:6768kB high:8420kB reserved_highatomic:0KB active_anon:224kB inactive_anon:214712kB active_file:62500kB inactive_file:293656kB unevictable:2016kB writepending:2900kB present:2080640kB managed:1660468kB mlocked:2024kB pagetables:6980kB bounce:0kB free_pcp:1492kB local_pcp:1236kB free_cma:0kB
[ 1992.951983] lowmem_reserve[]: 0 0 0 0
[ 1992.953004] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1992.956608] Node 0 DMA32: 12*4kB (ME) 396*8kB (UME) 376*16kB (UME) 144*32kB (UME) 43*64kB (UM) 91*128kB (UME) 57*256kB (UME) 37*512kB (UM) 15*1024kB (U) 18*2048kB (UM) 53*4096kB (UM) = 331088kB
20:12:46 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x18}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x24040)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff120000000000000000000000000001f7ff8f7800000000600009e600"/77], 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) (fail_nth: 61)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:12:46 executing program 1:
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000004307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x8000}, 0x0, 0x4, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)

[ 1992.961270] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1992.971567] 32197 total pagecache pages
[ 1992.972128] 0 pages in swap cache
[ 1992.972548] Swap cache stats: add 0, delete 0, find 0/0
[ 1992.973237] Free swap  = 0kB
[ 1992.973645] Total swap = 0kB
[ 1992.974076] 524158 pages RAM
[ 1992.974476] 0 pages HighMem/MovableOnly
[ 1992.983539] 105064 pages reserved
[ 1993.018070] FAULT_INJECTION: forcing a failure.
[ 1993.018070] name failslab, interval 1, probability 0, space 0, times 0
[ 1993.019546] CPU: 1 PID: 10261 Comm: syz-executor.3 Not tainted 5.10.226 #1
[ 1993.020383] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1993.021394] Call Trace:
[ 1993.021725]  dump_stack+0x107/0x167
[ 1993.022175]  should_fail.cold+0x5/0xa
[ 1993.022644]  ? __kernfs_new_node+0xd4/0x860
[ 1993.023178]  should_failslab+0x5/0x20
[ 1993.023670]  kmem_cache_alloc+0x5b/0x310
[ 1993.024175]  __kernfs_new_node+0xd4/0x860
[ 1993.024686]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1993.025277]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1993.025868]  ? wait_for_completion_io+0x270/0x270
[ 1993.026458]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1993.027103]  kernfs_new_node+0x18d/0x250
[ 1993.027627]  __kernfs_create_file+0x51/0x350
[ 1993.028170]  sysfs_add_file_mode_ns+0x221/0x560
[ 1993.028743]  internal_create_group+0x324/0xb30
[ 1993.029308]  ? sysfs_remove_group+0x170/0x170
[ 1993.029859]  ? kernfs_add_one+0x124/0x4d0
[ 1993.030369]  ? kernfs_create_link+0x1b7/0x230
[ 1993.030917]  internal_create_groups.part.0+0x90/0x140
[ 1993.031574]  sysfs_create_groups+0x25/0x50
[ 1993.032092]  device_add+0x138f/0x1c50
[ 1993.032560]  ? lockdep_init_map_type+0x2c7/0x780
[ 1993.033141]  ? devlink_add_symlinks+0x970/0x970
[ 1993.033721]  netdev_register_kobject+0x17a/0x3b0
[ 1993.034305]  register_netdevice+0xd6e/0x1480
[ 1993.034844]  ? netdev_change_features+0xb0/0xb0
[ 1993.037122] ptm ptm0: ldisc open failed (-12), clearing slot 0
[ 1993.039448]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1993.039468]  __tun_chr_ioctl+0x2156/0x3f60
[ 1993.039483]  ? lock_downgrade+0x6d0/0x6d0
[ 1993.039496]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1993.039508]  ? tun_chr_poll+0x700/0x700
[ 1993.039521]  ? wait_for_completion_io+0x270/0x270
[ 1993.039542]  ? selinux_file_ioctl+0xb6/0x270
[ 1993.039562]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1993.044523]  __x64_sys_ioctl+0x19a/0x210
[ 1993.045021]  do_syscall_64+0x33/0x40
[ 1993.045473]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1993.046094] RIP: 0033:0x7f7955930b19
[ 1993.046546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1993.048796] RSP: 002b:00007f7952ea6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1993.049717] RAX: ffffffffffffffda RBX: 00007f7955a43f60 RCX: 00007f7955930b19
[ 1993.050581] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000005
[ 1993.051463] RBP: 00007f7952ea61d0 R08: 0000000000000000 R09: 0000000000000000
[ 1993.052325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 1993.053189] R13: 00007fffc7f8b28f R14: 00007f7952ea6300 R15: 0000000000022000
[ 1993.071708] FAULT_INJECTION: forcing a failure.
[ 1993.071708] name failslab, interval 1, probability 0, space 0, times 0
[ 1993.073168] CPU: 1 PID: 10259 Comm: syz-executor.6 Not tainted 5.10.226 #1
[ 1993.074011] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1993.075015] Call Trace:
[ 1993.075359]  dump_stack+0x107/0x167
[ 1993.075807]  should_fail.cold+0x5/0xa
[ 1993.076277]  ? create_object.isra.0+0x3a/0xa20
[ 1993.076833]  should_failslab+0x5/0x20
[ 1993.077303]  kmem_cache_alloc+0x5b/0x310
[ 1993.077800]  create_object.isra.0+0x3a/0xa20
[ 1993.078335]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1993.078956]  kmem_cache_alloc+0x159/0x310
[ 1993.079480]  __kernfs_new_node+0xd4/0x860
[ 1993.079989]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1993.080567]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1993.081157]  ? wait_for_completion_io+0x270/0x270
[ 1993.081744]  ? kernfs_next_descendant_post+0x1a7/0x2a0
[ 1993.082391]  kernfs_new_node+0x18d/0x250
[ 1993.082887]  __kernfs_create_file+0x51/0x350
[ 1993.083442]  sysfs_add_file_mode_ns+0x221/0x560
[ 1993.084014]  internal_create_group+0x324/0xb30
[ 1993.084574]  ? sysfs_remove_group+0x170/0x170
[ 1993.085119]  ? kernfs_add_one+0x124/0x4d0
[ 1993.085627]  ? kernfs_create_link+0x1b7/0x230
[ 1993.086177]  internal_create_groups.part.0+0x90/0x140
[ 1993.086805]  sysfs_create_groups+0x25/0x50
[ 1993.087348]  device_add+0x7a9/0x1c50
[ 1993.087809]  ? lockdep_init_map_type+0x2c7/0x780
[ 1993.088387]  ? devlink_add_symlinks+0x970/0x970
[ 1993.088956]  netdev_register_kobject+0x17a/0x3b0
[ 1993.089536]  register_netdevice+0xd6e/0x1480
[ 1993.090075]  ? netdev_change_features+0xb0/0xb0
[ 1993.090641]  ? alloc_netdev_mqs+0xab1/0xe80
[ 1993.091170]  __tun_chr_ioctl+0x2156/0x3f60
[ 1993.091701]  ? lock_downgrade+0x6d0/0x6d0
[ 1993.092205]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1993.092792]  ? tun_chr_poll+0x700/0x700
[ 1993.093278]  ? wait_for_completion_io+0x270/0x270
[ 1993.093871]  ? selinux_file_ioctl+0xb6/0x270
[ 1993.094412]  ? tun_chr_compat_ioctl+0x30/0x30
[ 1993.094958]  __x64_sys_ioctl+0x19a/0x210
[ 1993.095465]  do_syscall_64+0x33/0x40
[ 1993.095917]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1993.096538] RIP: 0033:0x7fc68ced6b19
20:12:46 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xaa40aa91f081a0f7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r1, 0x1000003)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x700)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
dup3(r1, r2, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000a00)=ANY=[], 0x98a)
readv(r2, &(0x7f0000000100), 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_expedited', 0x22902, 0x0)
openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x123a00, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0xfffffffd, 0x0, {{}, {@void, @void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x1ff)
ioctl$IOC_PR_RESERVE(r0, 0x401070c9, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})

[ 1993.096992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1993.108268] RSP: 002b:00007fc68a44c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1993.109200] RAX: ffffffffffffffda RBX: 00007fc68cfe9f60 RCX: 00007fc68ced6b19
[ 1993.110065] RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000006
[ 1993.110926] RBP: 00007fc68a44c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1993.111802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1993.112670] R13: 00007ffdbad4d89f R14: 00007fc68a44c300 R15: 0000000000022000
20:12:46 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xf76, 0xffffffffffffffff, 0xb)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe(0x0)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd', @ANYBLOB, @ANYRESHEX, @ANYBLOB="2c6d73697a653d30782130303030303830303030332c0000161b06f743a9bc63a64b832d5ffaafdc2af2ae25de774ea021c05497a6b428c60b8d03530d9e13574cd161c458ab6776492306752a563549072ebffea5be8bf2e3df8d67328d94468758e275ed7a4a627b9dda32081fcbffc71daa00"/135])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)

20:12:46 executing program 1:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000002a40)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x6, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x18}, 0x1)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000002a40)=<r6=>0x0)
lsetxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=@random={'btrfs.', '}[\\$(#}\x00'}, &(0x7f0000000300)='\x00', 0x1, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x6, 0x0, @fd_index, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT, 0x5)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x18}, 0x1)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r6, &(0x7f0000000100)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x1, 0x0, @fd_index=0x1, 0x3, 0x0, 0x80000000, 0x6, 0x0, {0x0, r7}}, 0x77e)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r8, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r9, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r8, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x0, 0x1, 0x0, 0x0)


VM DIAGNOSIS:
20:17:50  Registers:
info registers vcpu 0
RAX=0000000080010002 RBX=ffff8880183ffc90 RCX=ffffffff82002c3d RDX=ffff8880183ffc90
RSI=ffffffff82002c18 RDI=0000000000000006 RBP=ffff88806ce2f400 RSP=ffff88806ce09da8
R8 =0000000000000000 R9 =ffffffff85675ecf R10=00000216b2111500 R11=0000000000000001
R12=dffffc0000000000 R13=00000216b2111500 R14=0000000000000001 R15=ffff888008f34c10
RIP=ffffffff81409f44 RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffe8f3ffe78 CR3=00000000174c4000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=005e02fe016c6c6f502e726567616e61
XMM02=20726f747563657865110a0100010101 XMM03=66206365786509007374726174736572
XMM04=6469646e616320636578650e007a7a75 XMM05=696d696e696d20636578650d00657461
XMM06=0a006873616d7320636578650a00657a XMM07=636578650a0073646565732063657865
XMM08=650900737472617473657220726f7475 XMM09=6320636578650e007a7a756620636578
XMM10=6d20636578650d006574616469646e61 XMM11=6d7320636578650a00657a696d696e69
XMM12=00736465657320636578650a00687361 XMM13=65786508006c61746f7420636578650a
XMM14=6169727420636578650b006e65672063 XMM15=000073746e696820636578650a006567
info registers vcpu 1
RAX=0000000000000000 RBX=00000000002fc580 RCX=ffffffff8131aed5 RDX=ffff888008980000
RSI=0000000000000000 RDI=0000000000000000 RBP=0000000000000000 RSP=ffff88800898fd18
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=ffff88806cf2f44c R13=0000000000000000 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff81409894 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe6b00000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fb2c5344000 CR3=00000000174c4000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=000000000000000041842679c0000000 XMM03=0000ff00000000000000000000000000
XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962
XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000