program:
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x0, &(0x7f0000000480), 0xfd, 0x448, &(0x7f0000000d00)="$eJzs3MtvG0UYAPBv10kLfZBQyqOlgKEgIh5Jk/LogQsIJDggIcGhSFxCklalboOaINEqgoBQe0SVuCNuIPEXcIILAk5IcATOqFKFcmngZLT2OnEd28ROUqf495O2numOPfN5d9azM3YC6FvF7J8kYk9E/BYRQ9Xs9QWK1YflpYWpv5cWppIol1//K6mUu7a0MFUrWnve7jwzkkaknyQNL1g1d/7C6clSaeZcnh+bP/Pu2Nz5C0+eOjN5cubkzNmJY8eeOjr+7DMTT29KnFlc1w5+MHvowMtvXn516vjlt3/8+tLeatzREEd7O9ZdZzGKzUKveGTdr3Jz2FuXTgZ62BA6UoiI7HANVvr/UBRi9eANxUsf97RxwJYql8vlna13L5aB/7Eket0CoDdqH/TZ/W9tu0FDj23h6vPVG6As7uV8q+4ZiDQvM9hwf7uZihFxfPGfz7MtOpqHAADozrfZ+OeJZuO/NO6qK3dbvoYyHBG3R8S+iLgjIvZHxJ0RlbJ3R8Q9HdZfbMivHf+kV7oKbJ2y8d9z+drW9eO/2ugvhgt5bm8l/sHkxKnSzJH8PRmJwZ1ZfrxNHd+9+MunrfbVj/+yLau/NhbM23FloGGCbnpyfnIjMde7+lHEwYFm8ScrKwFJRByIiINd1nHqsa8Otdr33/G3sQnrTOUvIh6tHv/FyOOvrvCtrtwl7dcnx26J0syRsdpZsdZPP198rVX9G4p/E2THf1fT838l/uGkfr12rvM6Lv5+qeU9Tbfn/47kjUq6thr7/uT8/LnxyuVp7f9PrD63ls/LV+IfOdy8/++L1Xfi3ojITuL7IuL+iHggb/uDEfFQRBxuE/8PLzz8Tvfxb60s/umOjn/nicLp779pVf86jv+vb+WpkfxxPde/SuWv5Jk2DezuXQMAAICbSxoReyJJR1fSaTo6Wv0O//7YlZZm5+YfPzH73tnp6nflh2Mwrc10DdXNh47nc8O1/ERD/mg+b/xZ4dZKfnRqtjTd6+Chz+1u0f8zfxZ63Tpgy/m9FvQv/R/6l/4P/Uv/h/6l/0P/atb/P+xBO4Abz+c/9C/9H/qX/g/9S/+HvrSR3/V3kFgul8tbXMW2SXyZ/63A7dKeLUpEui2aIbGhxB/5dWDtrl5elQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbPvwEAAP//rdfgqg==")
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
pwritev2(r3, &(0x7f0000000080)=[{&(0x7f0000000340)="a1", 0x1}], 0x1, 0x8, 0x7, 0x4) (fail_nth: 29)

[   69.083755][ T5302] Bluetooth: hci0: command tx timeout
[   69.146566][ T5318] loop0: detected capacity change from 0 to 512
[   69.171947][ T5318] EXT4-fs (loop0): Invalid default hash set in the superblock
[   69.225212][ T5318] FAULT_INJECTION: forcing a failure.
[   69.225212][ T5318] name failslab, interval 1, probability 0, space 0, times 1
[   69.229515][ T5318] CPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[   69.229530][ T5318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.229537][ T5318] Call Trace:
[   69.229542][ T5318]  <TASK>
[   69.229547][ T5318]  dump_stack_lvl+0x241/0x360
[   69.229661][ T5318]  ? __pfx_dump_stack_lvl+0x10/0x10
[   69.229672][ T5318]  ? __pfx__printk+0x10/0x10
[   69.229691][ T5318]  ? fs_reclaim_acquire+0x93/0x130
[   69.229707][ T5318]  ? __pfx___might_resched+0x10/0x10
[   69.229721][ T5318]  ? stack_depot_save_flags+0x37/0x940
[   69.229764][ T5318]  should_fail_ex+0x3b0/0x4e0
[   69.229780][ T5318]  should_failslab+0xac/0x100
[   69.229797][ T5318]  ? p9_client_prepare_req+0x173/0xf30
[   69.229836][ T5318]  kmem_cache_alloc_noprof+0x70/0x380
[   69.229852][ T5318]  p9_client_prepare_req+0x173/0xf30
[   69.229873][ T5318]  ? __pfx_p9_client_prepare_req+0x10/0x10
[   69.229887][ T5318]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   69.229904][ T5318]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   69.229923][ T5318]  p9_client_rpc+0x19d/0xac0
[   69.229948][ T5318]  ? __pfx_p9_client_rpc+0x10/0x10
[   69.229963][ T5318]  ? __phys_addr+0xba/0x170
[   69.229983][ T5318]  ? kmem_cache_free+0x30e/0x410
[   69.229993][ T5318]  ? p9_req_put+0x19c/0x1f0
[   69.230005][ T5318]  ? iov_iter_revert+0x1d2/0x590
[   69.230025][ T5318]  p9_client_write+0x328/0x7a0
[   69.230047][ T5318]  ? __pfx_p9_client_write+0x10/0x10
[   69.230065][ T5318]  ? do_raw_spin_unlock+0x58/0x8b0
[   69.230079][ T5318]  v9fs_issue_write+0xf0/0x1d0
[   69.230090][ T5318]  ? __pfx_v9fs_issue_write+0x10/0x10
[   69.230098][ T5318]  ? netfs_advance_write+0x86e/0xbd0
[   69.230115][ T5318]  ? rcu_is_watching+0x15/0xb0
[   69.230129][ T5318]  netfs_write_folio+0x1451/0x1c30
[   69.230155][ T5318]  netfs_end_writethrough+0x5b/0x170
[   69.230172][ T5318]  netfs_perform_write+0x1e5e/0x2150
[   69.230203][ T5318]  ? __pfx_netfs_perform_write+0x10/0x10
[   69.230236][ T5318]  ? file_update_time+0x2ab/0x450
[   69.230252][ T5318]  ? netfs_buffered_write_iter_locked+0x12e/0x2b0
[   69.230267][ T5318]  netfs_file_write_iter+0x187/0x3f0
[   69.230282][ T5318]  do_iter_readv_writev+0x71a/0x9d0
[   69.230299][ T5318]  ? __pfx_do_iter_readv_writev+0x10/0x10
[   69.230311][ T5318]  ? rcu_read_lock_any_held+0xb7/0x160
[   69.230332][ T5318]  vfs_writev+0x38b/0xbc0
[   69.230353][ T5318]  ? __pfx_vfs_writev+0x10/0x10
[   69.230362][ T5318]  ? vfs_write+0x7fa/0xd10
[   69.230385][ T5318]  ? __fget_files+0x2a/0x410
[   69.230397][ T5318]  ? __fget_files+0x395/0x410
[   69.230406][ T5318]  ? __fget_files+0x2a/0x410
[   69.230423][ T5318]  __se_sys_pwritev2+0x196/0x2b0
[   69.230439][ T5318]  ? __pfx___se_sys_pwritev2+0x10/0x10
[   69.230454][ T5318]  ? do_syscall_64+0x100/0x230
[   69.230468][ T5318]  ? __x64_sys_pwritev2+0x21/0xf0
[   69.230484][ T5318]  do_syscall_64+0xf3/0x230
[   69.230496][ T5318]  ? clear_bhb_loop+0x35/0x90
[   69.230512][ T5318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.230526][ T5318] RIP: 0033:0x7f612838cd29
[   69.230537][ T5318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.230551][ T5318] RSP: 002b:00007f61291ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   69.230568][ T5318] RAX: ffffffffffffffda RBX: 00007f61285a5fa0 RCX: 00007f612838cd29
[   69.230575][ T5318] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000007
[   69.230581][ T5318] RBP: 00007f61291ca090 R08: 0000000000000007 R09: 0000000000000004
[   69.230588][ T5318] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[   69.230594][ T5318] R13: 0000000000000000 R14: 00007f61285a5fa0 R15: 00007ffdc6f64868
[   69.230610][ T5318]  </TASK>
[   69.376945][ T1078] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000023: 0000 [#1] PREEMPT SMP KASAN NOPTI
[   69.382886][ T1078] KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f]
[   69.386101][ T1078] CPU: 0 UID: 0 PID: 1078 Comm: kworker/u4:10 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[   69.389946][ T1078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.394022][ T1078] Workqueue: events_unbound netfs_write_collection_worker
[   69.396831][ T1078] RIP: 0010:iov_iter_revert+0x2da/0x590
[   69.398921][ T1078] Code: 20 00 74 08 4c 89 ef e8 f4 96 3f fd 4d 8b 6d 00 41 bf 1e 00 00 00 bd 1e 00 00 00 49 8d ac 2d 00 01 00 00 48 89 e8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 75 40 0f b6 6d 00 bf 40 00 00 00 89 ee e8 9d
[   69.406164][ T1078] RSP: 0018:ffffc90002787630 EFLAGS: 00010203
[   69.408476][ T1078] RAX: 0000000000000023 RBX: ffffc900027877c0 RCX: ffff888035c50000
[   69.411674][ T1078] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   69.414627][ T1078] RBP: 000000000000011e R08: ffffffff84e68a15 R09: ffffffff84e688a4
[   69.417539][ T1078] R10: 0000000000000004 R11: ffff888035c50000 R12: dffffc0000000000
[   69.420386][ T1078] R13: 0000000000000000 R14: 0000000000000004 R15: 000000000000001e
[   69.423487][ T1078] FS:  0000000000000000(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   69.426834][ T1078] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   69.429334][ T1078] CR2: 00005582d2ab4918 CR3: 00000000460d2000 CR4: 0000000000352ef0
[   69.432413][ T1078] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   69.435165][ T1078] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   69.437865][ T1078] Call Trace:
[   69.439034][ T1078]  <TASK>
[   69.440179][ T1078]  ? __die_body+0x5f/0xb0
[   69.441871][ T1078]  ? die_addr+0xb0/0xe0
[   69.443470][ T1078]  ? exc_general_protection+0x3dd/0x5d0
[   69.445609][ T1078]  ? asm_exc_general_protection+0x26/0x30
[   69.447777][ T1078]  ? iov_iter_revert+0x104/0x590
[   69.449682][ T1078]  ? iov_iter_revert+0x275/0x590
[   69.451635][ T1078]  ? iov_iter_revert+0x2da/0x590
[   69.453509][ T1078]  netfs_retry_writes+0x17db/0x19b0
[   69.455427][ T1078]  ? __pfx_validate_chain+0x10/0x10
[   69.457341][ T1078]  ? mark_lock+0x9a/0x360
[   69.458953][ T1078]  ? __lock_acquire+0x1397/0x2100
[   69.460914][ T1078]  ? __pfx_netfs_retry_writes+0x10/0x10
[   69.462940][ T1078]  ? register_lock_class+0x102/0x980
[   69.464932][ T1078]  ? __pfx_register_lock_class+0x10/0x10
[   69.467052][ T1078]  netfs_write_collection_worker+0x2f90/0x3bb0
[   69.469386][ T1078]  ? process_scheduled_works+0x976/0x1840
[   69.471482][ T1078]  process_scheduled_works+0xa66/0x1840
[   69.473525][ T1078]  ? __pfx_process_scheduled_works+0x10/0x10
[   69.475970][ T1078]  ? assign_work+0x364/0x3d0
[   69.477756][ T1078]  worker_thread+0x870/0xd30
[   69.479478][ T1078]  ? __kthread_parkme+0x169/0x1d0
[   69.481274][ T1078]  ? __pfx_worker_thread+0x10/0x10
[   69.483151][ T1078]  kthread+0x7a9/0x920
[   69.484635][ T1078]  ? __pfx_kthread+0x10/0x10
[   69.486360][ T1078]  ? __pfx_worker_thread+0x10/0x10
[   69.488279][ T1078]  ? __pfx_kthread+0x10/0x10
[   69.490001][ T1078]  ? __pfx_kthread+0x10/0x10
[   69.491706][ T1078]  ? __pfx_kthread+0x10/0x10
[   69.493381][ T1078]  ? _raw_spin_unlock_irq+0x23/0x50
[   69.495232][ T1078]  ? lockdep_hardirqs_on+0x99/0x150
[   69.497145][ T1078]  ? __pfx_kthread+0x10/0x10
[   69.498780][ T1078]  ret_from_fork+0x4b/0x80
[   69.500353][ T1078]  ? __pfx_kthread+0x10/0x10
[   69.502215][ T1078]  ret_from_fork_asm+0x1a/0x30
[   69.503826][ T1078]  </TASK>
[   69.505087][ T1078] Modules linked in:
[   69.507026][ T1078] ---[ end trace 0000000000000000 ]---
[   69.514345][ T1078] RIP: 0010:iov_iter_revert+0x2da/0x590
[   69.516645][ T1078] Code: 20 00 74 08 4c 89 ef e8 f4 96 3f fd 4d 8b 6d 00 41 bf 1e 00 00 00 bd 1e 00 00 00 49 8d ac 2d 00 01 00 00 48 89 e8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 75 40 0f b6 6d 00 bf 40 00 00 00 89 ee e8 9d
[   69.524991][ T1078] RSP: 0018:ffffc90002787630 EFLAGS: 00010203
[   69.527436][ T1078] RAX: 0000000000000023 RBX: ffffc900027877c0 RCX: ffff888035c50000
[   69.530439][ T1078] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   69.533994][ T1078] RBP: 000000000000011e R08: ffffffff84e68a15 R09: ffffffff84e688a4
[   69.537174][ T1078] R10: 0000000000000004 R11: ffff888035c50000 R12: dffffc0000000000
[   69.540541][ T1078] R13: 0000000000000000 R14: 0000000000000004 R15: 000000000000001e
[   69.544004][ T1078] FS:  0000000000000000(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   69.547125][ T1078] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   69.549521][ T1078] CR2: 00005582d2ab4918 CR3: 0000000011926000 CR4: 0000000000352ef0
[   69.553227][ T1078] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   69.556306][ T1078] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   69.559358][ T1078] Kernel panic - not syncing: Fatal exception
[   69.561895][ T1078] Kernel Offset: disabled
[   69.563510][ T1078] Rebooting in 86400 seconds..