program:
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x1}}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(r3, &(0x7f0000002300)={0x2020, 0x0, <r4=>0x0}, 0x206e)
write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, r4, {{0x2, 0x0, 0x1}}}, 0x28)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x10, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}})
r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r5, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x20000}], 0x2) (fail_nth: 72)

[   75.573713][ T4663] Bluetooth: hci0: command tx timeout
[   75.577204][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[   75.579700][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[   75.716959][ T5314] FAULT_INJECTION: forcing a failure.
[   75.716959][ T5314] name failslab, interval 1, probability 0, space 0, times 1
[   75.721901][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-12113-gbcc8eda6d349 #0
[   75.725289][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.728744][ T5314] Call Trace:
[   75.729883][ T5314]  <TASK>
[   75.730930][ T5314]  dump_stack_lvl+0x241/0x360
[   75.732688][ T5314]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.734501][ T5314]  ? __pfx__printk+0x10/0x10
[   75.736080][ T5314]  ? fs_reclaim_acquire+0x93/0x130
[   75.737991][ T5314]  ? __pfx___might_resched+0x10/0x10
[   75.739946][ T5314]  should_fail_ex+0x3b0/0x4e0
[   75.741895][ T5314]  should_failslab+0xac/0x100
[   75.744023][ T5314]  __kmalloc_cache_noprof+0x70/0x390
[   75.746175][ T5314]  ? netfs_buffer_make_space+0x12b/0x4a0
[   75.748397][ T5314]  netfs_buffer_make_space+0x12b/0x4a0
[   75.750550][ T5314]  netfs_buffer_append_folio+0xbb/0x560
[   75.752635][ T5314]  netfs_write_folio+0xe0a/0x2070
[   75.754550][ T5314]  ? writeback_iter+0xf92/0x1730
[   75.756301][ T5314]  netfs_writepages+0x8aa/0xb80
[   75.758178][ T5314]  ? __pfx_netfs_writepages+0x10/0x10
[   75.760250][ T5314]  ? __pfx_netfs_writepages+0x10/0x10
[   75.762271][ T5314]  do_writepages+0x35f/0x880
[   75.763908][ T5314]  ? __pfx_do_writepages+0x10/0x10
[   75.765849][ T5314]  ? file_write_and_wait_range+0x298/0x3c0
[   75.768088][ T5314]  ? do_raw_spin_lock+0x14f/0x370
[   75.770116][ T5314]  ? __pfx_lock_release+0x10/0x10
[   75.772092][ T5314]  ? do_raw_spin_unlock+0x58/0x8b0
[   75.774074][ T5314]  ? wbc_attach_and_unlock_inode+0xba/0x580
[   75.776271][ T5314]  file_write_and_wait_range+0x2a3/0x3c0
[   75.778230][ T5314]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   75.780706][ T5314]  ? __pfx_file_write_and_wait_range+0x10/0x10
[   75.783203][ T5314]  v9fs_file_fsync+0xf3/0x1d0
[   75.784974][ T5314]  ? __pfx_v9fs_file_fsync+0x10/0x10
[   75.786884][ T5314]  ? __pfx___up_read+0x10/0x10
[   75.788655][ T5314]  ? vfs_fsync_range+0xbe/0x1c0
[   75.790558][ T5314]  netfs_file_write_iter+0x36d/0x3f0
[   75.792522][ T5314]  do_iter_readv_writev+0x600/0x880
[   75.794555][ T5314]  ? __pfx_do_iter_readv_writev+0x10/0x10
[   75.796697][ T5314]  ? rcu_read_lock_any_held+0xb7/0x160
[   75.798758][ T5314]  vfs_writev+0x376/0xba0
[   75.800424][ T5314]  ? trace_contention_end+0x3c/0x120
[   75.802414][ T5314]  ? __mutex_lock+0x37f/0xee0
[   75.804156][ T5314]  ? __pfx_lock_acquire+0x10/0x10
[   75.806014][ T5314]  ? __pfx_vfs_writev+0x10/0x10
[   75.807929][ T5314]  ? __fget_files+0x2a/0x410
[   75.809668][ T5314]  ? __fget_files+0x395/0x410
[   75.811444][ T5314]  ? __fget_files+0x2a/0x410
[   75.813145][ T5314]  do_writev+0x1b6/0x360
[   75.814715][ T5314]  ? __pfx_do_writev+0x10/0x10
[   75.816566][ T5314]  ? do_syscall_64+0x100/0x230
[   75.818399][ T5314]  ? do_syscall_64+0xb6/0x230
[   75.820083][ T5314]  do_syscall_64+0xf3/0x230
[   75.821758][ T5314]  ? clear_bhb_loop+0x35/0x90
[   75.823583][ T5314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.825829][ T5314] RIP: 0033:0x7ff6bf980849
[   75.827493][ T5314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.834698][ T5314] RSP: 002b:00007ff6c0741058 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   75.837885][ T5314] RAX: ffffffffffffffda RBX: 00007ff6bfb45fa0 RCX: 00007ff6bf980849
[   75.840926][ T5314] RDX: 0000000000000002 RSI: 0000000020000000 RDI: 0000000000000007
[   75.844204][ T5314] RBP: 00007ff6c07410a0 R08: 0000000000000000 R09: 0000000000000000
[   75.847187][ T5314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   75.850179][ T5314] R13: 0000000000000000 R14: 00007ff6bfb45fa0 R15: 00007ffd190385e8
[   75.853171][ T5314]  </TASK>
[   75.864655][ T5314] ------------[ cut here ]------------
[   75.866810][ T5314] UBSAN: array-index-out-of-bounds in ./include/linux/folio_queue.h:277:9
[   75.870106][ T5314] index 31 is out of range for type 'struct folio *const[31]'
[   75.874067][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-12113-gbcc8eda6d349 #0
[   75.877962][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.882317][ T5314] Call Trace:
[   75.883577][ T5314]  <TASK>
[   75.884681][ T5314]  dump_stack_lvl+0x241/0x360
[   75.886580][ T5314]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.888644][ T5314]  ? __pfx__printk+0x10/0x10
[   75.890686][ T5314]  __ubsan_handle_out_of_bounds+0x121/0x150
[   75.893084][ T5314]  _copy_from_iter+0x11e4/0x1e70
[   75.895046][ T5314]  ? __virt_addr_valid+0x183/0x530
[   75.896990][ T5314]  ? __pfx__copy_from_iter+0x10/0x10
[   75.899135][ T5314]  ? __virt_addr_valid+0x183/0x530
[   75.901251][ T5314]  ? __virt_addr_valid+0x183/0x530
[   75.903188][ T5314]  ? __virt_addr_valid+0x45f/0x530
[   75.905146][ T5314]  ? __check_object_size+0x48e/0x900
[   75.907167][ T5314]  p9pdu_vwritef+0x1c75/0x29e0
[   75.908933][ T5314]  ? __pfx_p9pdu_vwritef+0x10/0x10
[   75.910813][ T5314]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   75.912951][ T5314]  p9_client_prepare_req+0xa8d/0xf30
[   75.914947][ T5314]  ? __pfx_p9_client_prepare_req+0x10/0x10
[   75.917108][ T5314]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   75.919375][ T5314]  p9_client_rpc+0x19d/0xac0
[   75.921059][ T5314]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   75.923252][ T5314]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   75.925733][ T5314]  ? __pfx_p9_client_rpc+0x10/0x10
[   75.927644][ T5314]  ? lockdep_hardirqs_on+0x99/0x150
[   75.929729][ T5314]  ? dump_stack_lvl+0x2f9/0x360
[   75.931558][ T5314]  p9_client_write+0x328/0x7a0
[   75.933502][ T5314]  ? fs_reclaim_acquire+0x93/0x130
[   75.936066][ T5314]  ? __pfx_p9_client_write+0x10/0x10
[   75.938316][ T5314]  v9fs_issue_write+0xfd/0x1c0
[   75.940158][ T5314]  ? __pfx_v9fs_issue_write+0x10/0x10
[   75.942127][ T5314]  ? rcu_is_watching+0x15/0xb0
[   75.943980][ T5314]  netfs_advance_write+0x972/0xbd0
[   75.945979][ T5314]  netfs_write_folio+0x12fb/0x2070
[   75.948060][ T5314]  netfs_writepages+0x8aa/0xb80
[   75.950041][ T5314]  ? __pfx_netfs_writepages+0x10/0x10
[   75.952115][ T5314]  ? __pfx_netfs_writepages+0x10/0x10
[   75.954228][ T5314]  do_writepages+0x35f/0x880
[   75.956061][ T5314]  ? __pfx_do_writepages+0x10/0x10
[   75.958077][ T5314]  ? file_write_and_wait_range+0x298/0x3c0
[   75.960352][ T5314]  ? do_raw_spin_lock+0x14f/0x370
[   75.962278][ T5314]  ? __pfx_lock_release+0x10/0x10
[   75.964225][ T5314]  ? do_raw_spin_unlock+0x58/0x8b0
[   75.966206][ T5314]  ? wbc_attach_and_unlock_inode+0xba/0x580
[   75.968492][ T5314]  file_write_and_wait_range+0x2a3/0x3c0
[   75.970698][ T5314]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   75.973235][ T5314]  ? __pfx_file_write_and_wait_range+0x10/0x10
[   75.975642][ T5314]  v9fs_file_fsync+0xf3/0x1d0
[   75.977458][ T5314]  ? __pfx_v9fs_file_fsync+0x10/0x10
[   75.979513][ T5314]  ? __pfx___up_read+0x10/0x10
[   75.981294][ T5314]  ? vfs_fsync_range+0xbe/0x1c0
[   75.983210][ T5314]  netfs_file_write_iter+0x36d/0x3f0
[   75.985300][ T5314]  do_iter_readv_writev+0x600/0x880
[   75.987252][ T5314]  ? __pfx_do_iter_readv_writev+0x10/0x10
[   75.989464][ T5314]  ? rcu_read_lock_any_held+0xb7/0x160
[   75.991600][ T5314]  vfs_writev+0x376/0xba0
[   75.993200][ T5314]  ? trace_contention_end+0x3c/0x120
[   75.995212][ T5314]  ? __mutex_lock+0x37f/0xee0
[   75.996961][ T5314]  ? __pfx_lock_acquire+0x10/0x10
[   75.998836][ T5314]  ? __pfx_vfs_writev+0x10/0x10
[   76.000781][ T5314]  ? __fget_files+0x2a/0x410
[   76.002699][ T5314]  ? __fget_files+0x395/0x410
[   76.004568][ T5314]  ? __fget_files+0x2a/0x410
[   76.006367][ T5314]  do_writev+0x1b6/0x360
[   76.007921][ T5314]  ? __pfx_do_writev+0x10/0x10
[   76.009644][ T5314]  ? do_syscall_64+0x100/0x230
[   76.011679][ T5314]  ? do_syscall_64+0xb6/0x230
[   76.013432][ T5314]  do_syscall_64+0xf3/0x230
[   76.015253][ T5314]  ? clear_bhb_loop+0x35/0x90
[   76.017188][ T5314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.019787][ T5314] RIP: 0033:0x7ff6bf980849
[   76.021861][ T5314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.029597][ T5314] RSP: 002b:00007ff6c0741058 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   76.032664][ T5314] RAX: ffffffffffffffda RBX: 00007ff6bfb45fa0 RCX: 00007ff6bf980849
[   76.035621][ T5314] RDX: 0000000000000002 RSI: 0000000020000000 RDI: 0000000000000007
[   76.038651][ T5314] RBP: 00007ff6c07410a0 R08: 0000000000000000 R09: 0000000000000000
[   76.041626][ T5314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   76.044617][ T5314] R13: 0000000000000000 R14: 00007ff6bfb45fa0 R15: 00007ffd190385e8
[   76.047525][ T5314]  </TASK>
[   76.056654][ T5314] ---[ end trace ]---
[   76.058185][ T5314] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[   76.060806][ T5314] CPU: 0 UID: 0 PID: 5314 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-12113-gbcc8eda6d349 #0
[   76.064781][ T5314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.068637][ T5314] Call Trace:
[   76.069919][ T5314]  <TASK>
[   76.071057][ T5314]  dump_stack_lvl+0x241/0x360
[   76.072882][ T5314]  ? __pfx_dump_stack_lvl+0x10/0x10
[   76.074919][ T5314]  ? __pfx__printk+0x10/0x10
[   76.076657][ T5314]  ? lockdep_hardirqs_on+0x99/0x150
[   76.078934][ T5314]  ? vscnprintf+0x5d/0x90
[   76.080677][ T5314]  panic+0x349/0x880
[   76.082394][ T5314]  ? check_panic_on_warn+0x21/0xb0
[   76.084382][ T5314]  ? __pfx_panic+0x10/0x10
[   76.086126][ T5314]  ? _printk+0xd5/0x120
[   76.087896][ T5314]  ? __pfx__printk+0x10/0x10
[   76.089964][ T5314]  check_panic_on_warn+0x86/0xb0
[   76.091799][ T5314]  __ubsan_handle_out_of_bounds+0x141/0x150
[   76.094236][ T5314]  _copy_from_iter+0x11e4/0x1e70
[   76.096068][ T5314]  ? __virt_addr_valid+0x183/0x530
[   76.098049][ T5314]  ? __pfx__copy_from_iter+0x10/0x10
[   76.100108][ T5314]  ? __virt_addr_valid+0x183/0x530
[   76.101972][ T5314]  ? __virt_addr_valid+0x183/0x530
[   76.103905][ T5314]  ? __virt_addr_valid+0x45f/0x530
[   76.105872][ T5314]  ? __check_object_size+0x48e/0x900
[   76.107874][ T5314]  p9pdu_vwritef+0x1c75/0x29e0
[   76.109715][ T5314]  ? __pfx_p9pdu_vwritef+0x10/0x10
[   76.111734][ T5314]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   76.114134][ T5314]  p9_client_prepare_req+0xa8d/0xf30
[   76.116069][ T5314]  ? __pfx_p9_client_prepare_req+0x10/0x10
[   76.118254][ T5314]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   76.120635][ T5314]  p9_client_rpc+0x19d/0xac0
[   76.122469][ T5314]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   76.125180][ T5314]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   76.128408][ T5314]  ? __pfx_p9_client_rpc+0x10/0x10
[   76.130951][ T5314]  ? lockdep_hardirqs_on+0x99/0x150
[   76.133423][ T5314]  ? dump_stack_lvl+0x2f9/0x360
[   76.135846][ T5314]  p9_client_write+0x328/0x7a0
[   76.138246][ T5314]  ? fs_reclaim_acquire+0x93/0x130
[   76.140626][ T5314]  ? __pfx_p9_client_write+0x10/0x10
[   76.142645][ T5314]  v9fs_issue_write+0xfd/0x1c0
[   76.144509][ T5314]  ? __pfx_v9fs_issue_write+0x10/0x10
[   76.146609][ T5314]  ? rcu_is_watching+0x15/0xb0
[   76.148484][ T5314]  netfs_advance_write+0x972/0xbd0
[   76.150528][ T5314]  netfs_write_folio+0x12fb/0x2070
[   76.152395][ T5314]  netfs_writepages+0x8aa/0xb80
[   76.154188][ T5314]  ? __pfx_netfs_writepages+0x10/0x10
[   76.156153][ T5314]  ? __pfx_netfs_writepages+0x10/0x10
[   76.158206][ T5314]  do_writepages+0x35f/0x880
[   76.160103][ T5314]  ? __pfx_do_writepages+0x10/0x10
[   76.162095][ T5314]  ? file_write_and_wait_range+0x298/0x3c0
[   76.164327][ T5314]  ? do_raw_spin_lock+0x14f/0x370
[   76.166418][ T5314]  ? __pfx_lock_release+0x10/0x10
[   76.168432][ T5314]  ? do_raw_spin_unlock+0x58/0x8b0
[   76.170458][ T5314]  ? wbc_attach_and_unlock_inode+0xba/0x580
[   76.172694][ T5314]  file_write_and_wait_range+0x2a3/0x3c0
[   76.174879][ T5314]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   76.177346][ T5314]  ? __pfx_file_write_and_wait_range+0x10/0x10
[   76.179858][ T5314]  v9fs_file_fsync+0xf3/0x1d0
[   76.181617][ T5314]  ? __pfx_v9fs_file_fsync+0x10/0x10
[   76.183656][ T5314]  ? __pfx___up_read+0x10/0x10
[   76.185459][ T5314]  ? vfs_fsync_range+0xbe/0x1c0
[   76.187285][ T5314]  netfs_file_write_iter+0x36d/0x3f0
[   76.189177][ T5314]  do_iter_readv_writev+0x600/0x880
[   76.191141][ T5314]  ? __pfx_do_iter_readv_writev+0x10/0x10
[   76.193205][ T5314]  ? rcu_read_lock_any_held+0xb7/0x160
[   76.195140][ T5314]  vfs_writev+0x376/0xba0
[   76.196692][ T5314]  ? trace_contention_end+0x3c/0x120
[   76.198545][ T5314]  ? __mutex_lock+0x37f/0xee0
[   76.200242][ T5314]  ? __pfx_lock_acquire+0x10/0x10
[   76.201995][ T5314]  ? __pfx_vfs_writev+0x10/0x10
[   76.203758][ T5314]  ? __fget_files+0x2a/0x410
[   76.205401][ T5314]  ? __fget_files+0x395/0x410
[   76.207116][ T5314]  ? __fget_files+0x2a/0x410
[   76.208858][ T5314]  do_writev+0x1b6/0x360
[   76.210545][ T5314]  ? __pfx_do_writev+0x10/0x10
[   76.212655][ T5314]  ? do_syscall_64+0x100/0x230
[   76.214533][ T5314]  ? do_syscall_64+0xb6/0x230
[   76.216331][ T5314]  do_syscall_64+0xf3/0x230
[   76.218075][ T5314]  ? clear_bhb_loop+0x35/0x90
[   76.219907][ T5314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.222172][ T5314] RIP: 0033:0x7ff6bf980849
[   76.223859][ T5314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.230984][ T5314] RSP: 002b:00007ff6c0741058 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   76.233934][ T5314] RAX: ffffffffffffffda RBX: 00007ff6bfb45fa0 RCX: 00007ff6bf980849
[   76.236905][ T5314] RDX: 0000000000000002 RSI: 0000000020000000 RDI: 0000000000000007
[   76.239889][ T5314] RBP: 00007ff6c07410a0 R08: 0000000000000000 R09: 0000000000000000
[   76.242640][ T5314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   76.245670][ T5314] R13: 0000000000000000 R14: 00007ff6bfb45fa0 R15: 00007ffd190385e8
[   76.248791][ T5314]  </TASK>
[   76.250456][ T5314] Kernel Offset: disabled
[   76.252188][ T5314] Rebooting in 86400 seconds..