a_interval_tree_iter_next+0x263/0x280 [ 977.649855][T10218] register_for_each_vma+0x372/0x890 [ 977.655246][T10218] __uprobe_register+0x3f4/0x8a0 [ 977.660187][T10218] uprobe_register_refctr+0x29/0x40 [ 977.665498][T10218] probe_event_enable+0x2be/0x7d0 [ 977.670539][T10218] ? __uprobe_trace_func+0x430/0x430 [ 977.675894][T10218] trace_uprobe_register+0x88/0x410 [ 977.681191][T10218] perf_trace_event_init+0x34e/0x790 [ 977.686496][T10218] perf_uprobe_init+0xf5/0x140 [ 977.691279][T10218] perf_uprobe_event_init+0xde/0x140 [ 977.696598][T10218] perf_try_init_event+0x21a/0x400 [ 977.701741][T10218] perf_event_alloc+0xa60/0x1790 [ 977.706701][T10218] __se_sys_perf_event_open+0x5c7/0x2740 [ 977.712384][T10218] ? vfs_write+0x50c/0x770 [ 977.716835][T10218] __x64_sys_perf_event_open+0x63/0x70 [ 977.722308][T10218] do_syscall_64+0x3d/0x90 [ 977.726749][T10218] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 977.732750][T10218] RIP: 0033:0x4665d9 [ 977.736660][T10218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 977.756278][T10218] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:09 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x100000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:09 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xa, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:09 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\n\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:09 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) flistxattr(r0, &(0x7f00000000c0)=""/72, 0x48) [ 977.764703][T10218] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 977.772772][T10218] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 977.780750][T10218] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 977.788740][T10218] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 977.796728][T10218] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:09 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x18000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:09 executing program 4 (fault-call:1 fault-nth:21): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:09 executing program 0: r0 = accept4$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local}, &(0x7f0000000100)=0x1c, 0x80000) setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000140)={0x77359400}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) flistxattr(r1, &(0x7f0000000040)=""/96, 0x60) 10:48:09 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xb, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:09 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\v\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 978.067689][T10258] FAULT_INJECTION: forcing a failure. [ 978.067689][T10258] name failslab, interval 1, probability 0, space 0, times 0 [ 978.080345][T10258] CPU: 1 PID: 10258 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 978.088974][T10258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 978.099078][T10258] Call Trace: [ 978.102383][T10258] dump_stack_lvl+0xb7/0x103 [ 978.107009][T10258] dump_stack+0x11/0x1a [ 978.111183][T10258] should_fail+0x23c/0x250 [ 978.115714][T10258] __should_failslab+0x81/0x90 [ 978.120509][T10258] ? register_for_each_vma+0x372/0x890 [ 978.126003][T10258] should_failslab+0x5/0x20 [ 978.130526][T10258] kmem_cache_alloc_trace+0x49/0x310 [ 978.135860][T10258] ? register_for_each_vma+0x372/0x890 [ 978.141509][T10258] ? vma_interval_tree_iter_next+0x263/0x280 [ 978.147547][T10258] register_for_each_vma+0x372/0x890 [ 978.152843][T10258] __uprobe_register+0x3f4/0x8a0 [ 978.157787][T10258] uprobe_register_refctr+0x29/0x40 [ 978.163021][T10258] probe_event_enable+0x2be/0x7d0 [ 978.168058][T10258] ? __uprobe_trace_func+0x430/0x430 [ 978.173361][T10258] trace_uprobe_register+0x88/0x410 [ 978.178563][T10258] perf_trace_event_init+0x34e/0x790 [ 978.183865][T10258] perf_uprobe_init+0xf5/0x140 [ 978.188667][T10258] perf_uprobe_event_init+0xde/0x140 [ 978.194093][T10258] perf_try_init_event+0x21a/0x400 [ 978.199217][T10258] perf_event_alloc+0xa60/0x1790 [ 978.204226][T10258] __se_sys_perf_event_open+0x5c7/0x2740 [ 978.209890][T10258] ? vfs_write+0x50c/0x770 10:48:09 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet6_MCAST_LEAVE_GROUP(r0, 0x29, 0x2d, &(0x7f00000000c0)={0xf70b, {{0xa, 0x4e21, 0x0, @remote}}}, 0x88) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) flistxattr(r1, &(0x7f0000000040)=""/96, 0x60) [ 978.214399][T10258] __x64_sys_perf_event_open+0x63/0x70 [ 978.219891][T10258] do_syscall_64+0x3d/0x90 [ 978.224449][T10258] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 978.230384][T10258] RIP: 0033:0x4665d9 [ 978.234447][T10258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 978.254070][T10258] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:09 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 978.262501][T10258] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 978.270485][T10258] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 978.278466][T10258] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 978.286451][T10258] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 978.294437][T10258] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:09 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xd, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:10 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x10e000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:10 executing program 4 (fault-call:1 fault-nth:22): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:10 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) flistxattr(r0, &(0x7f0000000040)=""/96, 0x60) r1 = socket$inet6(0xa, 0xa, 0x3) getsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000000c0), 0x10) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={r1, 0x1, 0x3, 0x5}) connect$inet6(r2, &(0x7f0000000140)={0xa, 0x4e23, 0x800, @loopback, 0x90b}, 0x1c) 10:48:10 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\f\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 978.773249][T10294] FAULT_INJECTION: forcing a failure. [ 978.773249][T10294] name failslab, interval 1, probability 0, space 0, times 0 [ 978.786086][T10294] CPU: 1 PID: 10294 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 978.794542][T10294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 978.804696][T10294] Call Trace: [ 978.808058][T10294] dump_stack_lvl+0xb7/0x103 [ 978.812669][T10294] dump_stack+0x11/0x1a [ 978.816830][T10294] should_fail+0x23c/0x250 [ 978.821278][T10294] __should_failslab+0x81/0x90 [ 978.826053][T10294] ? register_for_each_vma+0x372/0x890 [ 978.831539][T10294] should_failslab+0x5/0x20 [ 978.836047][T10294] kmem_cache_alloc_trace+0x49/0x310 [ 978.841341][T10294] ? register_for_each_vma+0x372/0x890 [ 978.846842][T10294] ? vma_interval_tree_iter_next+0x24c/0x280 [ 978.852864][T10294] register_for_each_vma+0x372/0x890 [ 978.858157][T10294] __uprobe_register+0x3f4/0x8a0 [ 978.863268][T10294] uprobe_register_refctr+0x29/0x40 [ 978.868498][T10294] probe_event_enable+0x2be/0x7d0 [ 978.873531][T10294] ? __uprobe_trace_func+0x430/0x430 [ 978.878884][T10294] trace_uprobe_register+0x88/0x410 [ 978.884104][T10294] perf_trace_event_init+0x34e/0x790 [ 978.889404][T10294] perf_uprobe_init+0xf5/0x140 [ 978.894269][T10294] perf_uprobe_event_init+0xde/0x140 [ 978.899562][T10294] perf_try_init_event+0x21a/0x400 [ 978.904686][T10294] perf_event_alloc+0xa60/0x1790 [ 978.909720][T10294] __se_sys_perf_event_open+0x5c7/0x2740 [ 978.915476][T10294] ? vfs_write+0x50c/0x770 [ 978.919896][T10294] __x64_sys_perf_event_open+0x63/0x70 [ 978.925379][T10294] do_syscall_64+0x3d/0x90 [ 978.929810][T10294] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 978.935795][T10294] RIP: 0033:0x4665d9 [ 978.939699][T10294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 978.959322][T10294] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:10 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:10 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xe, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:10 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000540)=[{&(0x7f0000000440)=""/82, 0x52}, {&(0x7f0000000180)=""/97, 0x61}, {&(0x7f0000000300)=""/101, 0x65}, {&(0x7f0000000380)=""/134, 0x86}, {&(0x7f00000006c0)=""/259, 0x103}], 0x5, 0xef, 0x1000000) preadv(r1, &(0x7f0000001200)=[{&(0x7f00000000c0)=""/182, 0xb6}, {&(0x7f0000000200)=""/90, 0x5a}, {&(0x7f0000001240)=""/4104, 0x1008}], 0x3, 0x4, 0x1) flistxattr(r0, &(0x7f0000000040)=""/96, 0x60) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) r3 = openat(r0, &(0x7f00000004c0)='./file0\x00', 0x80080, 0x18) preadv(r3, &(0x7f00000004c0), 0x0, 0x0, 0x9) mount_setattr(r0, &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0)={0xd, 0x8, 0xe0000, {r2}}, 0x20) [ 978.967739][T10294] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 978.975724][T10294] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 978.983737][T10294] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 978.991715][T10294] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 978.999688][T10294] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:10 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x80400, 0x0) flistxattr(r0, &(0x7f0000000040)=""/96, 0x60) 10:48:10 executing program 4 (fault-call:1 fault-nth:23): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:10 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\r\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:10 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x10, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 979.172314][T10338] FAULT_INJECTION: forcing a failure. [ 979.172314][T10338] name failslab, interval 1, probability 0, space 0, times 0 [ 979.184976][T10338] CPU: 1 PID: 10338 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 979.193395][T10338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 979.203478][T10338] Call Trace: [ 979.206802][T10338] dump_stack_lvl+0xb7/0x103 [ 979.211405][T10338] dump_stack+0x11/0x1a [ 979.215637][T10338] should_fail+0x23c/0x250 [ 979.220071][T10338] __should_failslab+0x81/0x90 [ 979.224841][T10338] ? register_for_each_vma+0x372/0x890 [ 979.230386][T10338] should_failslab+0x5/0x20 [ 979.234901][T10338] kmem_cache_alloc_trace+0x49/0x310 [ 979.240209][T10338] ? register_for_each_vma+0x372/0x890 [ 979.245705][T10338] ? vma_interval_tree_iter_next+0x24c/0x280 [ 979.251977][T10338] register_for_each_vma+0x372/0x890 [ 979.257271][T10338] __uprobe_register+0x3f4/0x8a0 [ 979.262226][T10338] uprobe_register_refctr+0x29/0x40 [ 979.267469][T10338] probe_event_enable+0x2be/0x7d0 [ 979.272557][T10338] ? __uprobe_trace_func+0x430/0x430 [ 979.277848][T10338] trace_uprobe_register+0x88/0x410 [ 979.283047][T10338] perf_trace_event_init+0x34e/0x790 [ 979.288420][T10338] perf_uprobe_init+0xf5/0x140 [ 979.293233][T10338] perf_uprobe_event_init+0xde/0x140 [ 979.298532][T10338] perf_try_init_event+0x21a/0x400 [ 979.303724][T10338] perf_event_alloc+0xa60/0x1790 [ 979.308673][T10338] __se_sys_perf_event_open+0x5c7/0x2740 [ 979.314327][T10338] ? vfs_write+0x50c/0x770 [ 979.318768][T10338] __x64_sys_perf_event_open+0x63/0x70 [ 979.324235][T10338] do_syscall_64+0x3d/0x90 [ 979.328700][T10338] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 979.334779][T10338] RIP: 0033:0x4665d9 [ 979.338679][T10338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 979.358325][T10338] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:10 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) getpeername(r1, &(0x7f00000000c0)=@qipcrtr, &(0x7f0000000140)=0x80) flistxattr(r0, &(0x7f0000000040)=""/96, 0x60) [ 979.366840][T10338] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 979.374997][T10338] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 979.382978][T10338] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 979.390958][T10338] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 979.398936][T10338] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:10 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x200000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:10 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x11, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:10 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x6040000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:10 executing program 4 (fault-call:1 fault-nth:24): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 979.699583][T10371] FAULT_INJECTION: forcing a failure. [ 979.699583][T10371] name failslab, interval 1, probability 0, space 0, times 0 [ 979.712242][T10371] CPU: 1 PID: 10371 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 979.720665][T10371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 979.731057][T10371] Call Trace: [ 979.734346][T10371] dump_stack_lvl+0xb7/0x103 [ 979.738950][T10371] dump_stack+0x11/0x1a [ 979.743314][T10371] should_fail+0x23c/0x250 [ 979.747738][T10371] __should_failslab+0x81/0x90 [ 979.752592][T10371] ? register_for_each_vma+0x372/0x890 [ 979.758122][T10371] should_failslab+0x5/0x20 [ 979.762628][T10371] kmem_cache_alloc_trace+0x49/0x310 [ 979.767920][T10371] ? register_for_each_vma+0x372/0x890 [ 979.773456][T10371] ? vma_interval_tree_iter_next+0x24c/0x280 [ 979.781798][T10371] register_for_each_vma+0x372/0x890 [ 979.787104][T10371] __uprobe_register+0x3f4/0x8a0 [ 979.792046][T10371] uprobe_register_refctr+0x29/0x40 [ 979.797272][T10371] probe_event_enable+0x2be/0x7d0 [ 979.802301][T10371] ? __uprobe_trace_func+0x430/0x430 [ 979.807596][T10371] trace_uprobe_register+0x88/0x410 [ 979.812882][T10371] perf_trace_event_init+0x34e/0x790 [ 979.818205][T10371] perf_uprobe_init+0xf5/0x140 [ 979.823041][T10371] perf_uprobe_event_init+0xde/0x140 [ 979.828335][T10371] perf_try_init_event+0x21a/0x400 [ 979.833591][T10371] perf_event_alloc+0xa60/0x1790 [ 979.838531][T10371] __se_sys_perf_event_open+0x5c7/0x2740 [ 979.844219][T10371] ? vfs_write+0x50c/0x770 [ 979.848641][T10371] __x64_sys_perf_event_open+0x63/0x70 [ 979.854109][T10371] do_syscall_64+0x3d/0x90 [ 979.858608][T10371] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 979.864607][T10371] RIP: 0033:0x4665d9 [ 979.868505][T10371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 979.888143][T10371] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 979.896574][T10371] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 979.904559][T10371] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 979.912543][T10371] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 979.920550][T10371] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 979.928585][T10371] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:11 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x26000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:11 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x0e\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:11 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x12, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:11 executing program 4 (fault-call:1 fault-nth:25): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 980.075196][T10387] FAULT_INJECTION: forcing a failure. [ 980.075196][T10387] name failslab, interval 1, probability 0, space 0, times 0 [ 980.087903][T10387] CPU: 1 PID: 10387 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 980.096343][T10387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 980.106415][T10387] Call Trace: [ 980.109706][T10387] dump_stack_lvl+0xb7/0x103 [ 980.114307][T10387] dump_stack+0x11/0x1a [ 980.118474][T10387] should_fail+0x23c/0x250 [ 980.122896][T10387] __should_failslab+0x81/0x90 [ 980.127662][T10387] ? register_for_each_vma+0x372/0x890 [ 980.133127][T10387] should_failslab+0x5/0x20 [ 980.137641][T10387] kmem_cache_alloc_trace+0x49/0x310 [ 980.142935][T10387] ? register_for_each_vma+0x372/0x890 [ 980.148405][T10387] ? vma_interval_tree_iter_next+0x263/0x280 [ 980.154406][T10387] register_for_each_vma+0x372/0x890 [ 980.159712][T10387] __uprobe_register+0x3f4/0x8a0 [ 980.164665][T10387] uprobe_register_refctr+0x29/0x40 [ 980.169873][T10387] probe_event_enable+0x2be/0x7d0 [ 980.174904][T10387] ? __uprobe_trace_func+0x430/0x430 [ 980.180204][T10387] trace_uprobe_register+0x88/0x410 [ 980.185464][T10387] perf_trace_event_init+0x34e/0x790 [ 980.190771][T10387] perf_uprobe_init+0xf5/0x140 [ 980.195614][T10387] perf_uprobe_event_init+0xde/0x140 [ 980.200909][T10387] perf_try_init_event+0x21a/0x400 [ 980.206029][T10387] perf_event_alloc+0xa60/0x1790 [ 980.210972][T10387] __se_sys_perf_event_open+0x5c7/0x2740 [ 980.216644][T10387] ? vfs_write+0x50c/0x770 [ 980.221075][T10387] __x64_sys_perf_event_open+0x63/0x70 [ 980.226565][T10387] do_syscall_64+0x3d/0x90 [ 980.230998][T10387] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 980.236990][T10387] RIP: 0033:0x4665d9 [ 980.240979][T10387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 980.260601][T10387] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:11 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x1c, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 980.269062][T10387] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 980.277103][T10387] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 980.285120][T10387] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 980.293106][T10387] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 980.301090][T10387] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:11 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x204000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:11 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r2 = gettid() r3 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r4 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r3, 0x3, 0x0, 0x0) mmap(&(0x7f00005ec000/0x3000)=nil, 0x3000, 0x100000c, 0x100010, r3, 0xea074000) io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x6, 0x0, 0x0) tkill(r2, 0x7) r5 = syz_io_uring_complete(0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) flistxattr(r0, &(0x7f0000000040)=""/96, 0x60) 10:48:11 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x26, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:11 executing program 4 (fault-call:1 fault-nth:26): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 980.700482][T10413] FAULT_INJECTION: forcing a failure. [ 980.700482][T10413] name failslab, interval 1, probability 0, space 0, times 0 [ 980.713226][T10413] CPU: 0 PID: 10413 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 980.721725][T10413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 980.731783][T10413] Call Trace: [ 980.735064][T10413] dump_stack_lvl+0xb7/0x103 [ 980.739698][T10413] dump_stack+0x11/0x1a [ 980.743858][T10413] should_fail+0x23c/0x250 [ 980.748342][T10413] __should_failslab+0x81/0x90 [ 980.753123][T10413] ? register_for_each_vma+0x372/0x890 [ 980.758645][T10413] should_failslab+0x5/0x20 [ 980.763293][T10413] kmem_cache_alloc_trace+0x49/0x310 [ 980.768586][T10413] ? register_for_each_vma+0x372/0x890 [ 980.774051][T10413] ? vma_interval_tree_iter_next+0x263/0x280 [ 980.780043][T10413] register_for_each_vma+0x372/0x890 [ 980.785333][T10413] __uprobe_register+0x3f4/0x8a0 [ 980.790277][T10413] uprobe_register_refctr+0x29/0x40 [ 980.795476][T10413] probe_event_enable+0x2be/0x7d0 [ 980.800533][T10413] ? __uprobe_trace_func+0x430/0x430 [ 980.805828][T10413] trace_uprobe_register+0x88/0x410 [ 980.811054][T10413] perf_trace_event_init+0x34e/0x790 [ 980.816341][T10413] perf_uprobe_init+0xf5/0x140 [ 980.821108][T10413] perf_uprobe_event_init+0xde/0x140 [ 980.826404][T10413] perf_try_init_event+0x21a/0x400 [ 980.831520][T10413] perf_event_alloc+0xa60/0x1790 [ 980.836589][T10413] __se_sys_perf_event_open+0x5c7/0x2740 [ 980.842229][T10413] ? vfs_write+0x50c/0x770 [ 980.846737][T10413] __x64_sys_perf_event_open+0x63/0x70 [ 980.852204][T10413] do_syscall_64+0x3d/0x90 [ 980.856637][T10413] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 980.862584][T10413] RIP: 0033:0x4665d9 [ 980.866484][T10413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 980.886102][T10413] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:12 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r2 = gettid() r3 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r4 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r3, 0x3, 0x0, 0x0) mmap(&(0x7f00005ec000/0x3000)=nil, 0x3000, 0x100000c, 0x100010, r3, 0xea074000) io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x6, 0x0, 0x0) tkill(r2, 0x7) r5 = syz_io_uring_complete(0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) flistxattr(r0, &(0x7f0000000040)=""/96, 0x60) 10:48:12 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x27, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 980.894558][T10413] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 980.902627][T10413] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 980.910801][T10413] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 980.918779][T10413] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 980.926759][T10413] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:12 executing program 4 (fault-call:1 fault-nth:27): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 981.077031][T10435] FAULT_INJECTION: forcing a failure. [ 981.077031][T10435] name failslab, interval 1, probability 0, space 0, times 0 [ 981.089732][T10435] CPU: 1 PID: 10435 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 981.098188][T10435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 981.108257][T10435] Call Trace: [ 981.111552][T10435] dump_stack_lvl+0xb7/0x103 [ 981.116176][T10435] dump_stack+0x11/0x1a [ 981.120366][T10435] should_fail+0x23c/0x250 [ 981.124855][T10435] __should_failslab+0x81/0x90 [ 981.129638][T10435] ? register_for_each_vma+0x372/0x890 [ 981.135119][T10435] should_failslab+0x5/0x20 [ 981.139740][T10435] kmem_cache_alloc_trace+0x49/0x310 [ 981.145045][T10435] ? register_for_each_vma+0x372/0x890 [ 981.150516][T10435] ? vma_interval_tree_iter_next+0x263/0x280 [ 981.156579][T10435] register_for_each_vma+0x372/0x890 [ 981.161907][T10435] __uprobe_register+0x3f4/0x8a0 [ 981.166958][T10435] uprobe_register_refctr+0x29/0x40 [ 981.172156][T10435] probe_event_enable+0x2be/0x7d0 [ 981.177194][T10435] ? __uprobe_trace_func+0x430/0x430 [ 981.182489][T10435] trace_uprobe_register+0x88/0x410 [ 981.187690][T10435] perf_trace_event_init+0x34e/0x790 [ 981.193152][T10435] perf_uprobe_init+0xf5/0x140 [ 981.197955][T10435] perf_uprobe_event_init+0xde/0x140 [ 981.203268][T10435] perf_try_init_event+0x21a/0x400 [ 981.208410][T10435] perf_event_alloc+0xa60/0x1790 [ 981.213421][T10435] __se_sys_perf_event_open+0x5c7/0x2740 [ 981.219065][T10435] ? vfs_write+0x50c/0x770 [ 981.223481][T10435] __x64_sys_perf_event_open+0x63/0x70 [ 981.229027][T10435] do_syscall_64+0x3d/0x90 [ 981.233501][T10435] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 981.239400][T10435] RIP: 0033:0x4665d9 [ 981.243286][T10435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 981.262978][T10435] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:12 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2d050000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:12 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x11\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:12 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x48, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:12 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r2 = gettid() r3 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r4 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r3, 0x3, 0x0, 0x0) mmap(&(0x7f00005ec000/0x3000)=nil, 0x3000, 0x100000c, 0x100010, r3, 0xea074000) io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x6, 0x0, 0x0) tkill(r2, 0x7) r5 = syz_io_uring_complete(0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) flistxattr(r0, &(0x7f0000000040)=""/96, 0x60) [ 981.271413][T10435] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 981.279472][T10435] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 981.287442][T10435] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 981.295417][T10435] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 981.303398][T10435] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:12 executing program 4 (fault-call:1 fault-nth:28): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 981.433328][T10458] FAULT_INJECTION: forcing a failure. [ 981.433328][T10458] name failslab, interval 1, probability 0, space 0, times 0 [ 981.446233][T10458] CPU: 0 PID: 10458 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 981.454656][T10458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 981.464718][T10458] Call Trace: [ 981.467995][T10458] dump_stack_lvl+0xb7/0x103 [ 981.472598][T10458] dump_stack+0x11/0x1a [ 981.476753][T10458] should_fail+0x23c/0x250 [ 981.481174][T10458] __should_failslab+0x81/0x90 [ 981.485938][T10458] ? register_for_each_vma+0x372/0x890 [ 981.491407][T10458] should_failslab+0x5/0x20 [ 981.495952][T10458] kmem_cache_alloc_trace+0x49/0x310 [ 981.501267][T10458] ? register_for_each_vma+0x372/0x890 [ 981.506729][T10458] ? vma_interval_tree_iter_next+0x263/0x280 [ 981.512720][T10458] register_for_each_vma+0x372/0x890 [ 981.518093][T10458] __uprobe_register+0x3f4/0x8a0 [ 981.523050][T10458] uprobe_register_refctr+0x29/0x40 [ 981.528276][T10458] probe_event_enable+0x2be/0x7d0 [ 981.533329][T10458] ? __uprobe_trace_func+0x430/0x430 [ 981.538649][T10458] trace_uprobe_register+0x88/0x410 [ 981.543867][T10458] perf_trace_event_init+0x34e/0x790 [ 981.549221][T10458] perf_uprobe_init+0xf5/0x140 [ 981.554065][T10458] perf_uprobe_event_init+0xde/0x140 [ 981.559354][T10458] perf_try_init_event+0x21a/0x400 [ 981.564593][T10458] perf_event_alloc+0xa60/0x1790 [ 981.569598][T10458] __se_sys_perf_event_open+0x5c7/0x2740 [ 981.575275][T10458] ? vfs_write+0x50c/0x770 [ 981.579702][T10458] __x64_sys_perf_event_open+0x63/0x70 [ 981.585164][T10458] do_syscall_64+0x3d/0x90 [ 981.589602][T10458] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 981.595507][T10458] RIP: 0033:0x4665d9 [ 981.599409][T10458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 981.619195][T10458] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 981.627735][T10458] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 981.635719][T10458] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 981.643709][T10458] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 981.651775][T10458] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 981.659762][T10458] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:13 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x300000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:13 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x4c, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:13 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) mmap(&(0x7f00005ec000/0x3000)=nil, 0x3000, 0x100000c, 0x100010, r2, 0xea074000) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) r4 = syz_io_uring_complete(0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) 10:48:13 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x12\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:13 executing program 4 (fault-call:1 fault-nth:29): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:13 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x68, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 981.792651][T10485] FAULT_INJECTION: forcing a failure. [ 981.792651][T10485] name failslab, interval 1, probability 0, space 0, times 0 [ 981.805404][T10485] CPU: 0 PID: 10485 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 981.813846][T10485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 981.823931][T10485] Call Trace: [ 981.827210][T10485] dump_stack_lvl+0xb7/0x103 [ 981.831863][T10485] dump_stack+0x11/0x1a [ 981.836063][T10485] should_fail+0x23c/0x250 [ 981.840506][T10485] __should_failslab+0x81/0x90 [ 981.845271][T10485] ? register_for_each_vma+0x372/0x890 [ 981.850794][T10485] should_failslab+0x5/0x20 [ 981.855386][T10485] kmem_cache_alloc_trace+0x49/0x310 [ 981.861216][T10485] ? register_for_each_vma+0x372/0x890 [ 981.866680][T10485] ? vma_interval_tree_iter_next+0x263/0x280 [ 981.872664][T10485] register_for_each_vma+0x372/0x890 [ 981.877956][T10485] __uprobe_register+0x3f4/0x8a0 [ 981.882896][T10485] uprobe_register_refctr+0x29/0x40 [ 981.888097][T10485] probe_event_enable+0x2be/0x7d0 [ 981.893117][T10485] ? __uprobe_trace_func+0x430/0x430 [ 981.898550][T10485] trace_uprobe_register+0x88/0x410 [ 981.903770][T10485] perf_trace_event_init+0x34e/0x790 [ 981.909070][T10485] perf_uprobe_init+0xf5/0x140 [ 981.913835][T10485] perf_uprobe_event_init+0xde/0x140 [ 981.919210][T10485] perf_try_init_event+0x21a/0x400 [ 981.924321][T10485] perf_event_alloc+0xa60/0x1790 [ 981.929284][T10485] __se_sys_perf_event_open+0x5c7/0x2740 [ 981.934923][T10485] ? vfs_write+0x50c/0x770 [ 981.939344][T10485] __x64_sys_perf_event_open+0x63/0x70 [ 981.944841][T10485] do_syscall_64+0x3d/0x90 [ 981.949287][T10485] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 981.955258][T10485] RIP: 0033:0x4665d9 [ 981.959177][T10485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 981.978889][T10485] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:13 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) mmap(&(0x7f00005ec000/0x3000)=nil, 0x3000, 0x100000c, 0x100010, r2, 0xea074000) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) syz_io_uring_complete(0x0) [ 981.987320][T10485] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 981.995334][T10485] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 982.003315][T10485] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 982.014011][T10485] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 982.022029][T10485] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:13 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x3f000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:13 executing program 4 (fault-call:1 fault-nth:30): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:13 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x6c, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:13 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x02\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 982.279084][T10520] FAULT_INJECTION: forcing a failure. [ 982.279084][T10520] name failslab, interval 1, probability 0, space 0, times 0 [ 982.291758][T10520] CPU: 1 PID: 10520 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 982.300184][T10520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 982.310241][T10520] Call Trace: [ 982.313522][T10520] dump_stack_lvl+0xb7/0x103 [ 982.318156][T10520] dump_stack+0x11/0x1a [ 982.322411][T10520] should_fail+0x23c/0x250 [ 982.326833][T10520] __should_failslab+0x81/0x90 [ 982.331595][T10520] ? register_for_each_vma+0x372/0x890 [ 982.337127][T10520] should_failslab+0x5/0x20 [ 982.341632][T10520] kmem_cache_alloc_trace+0x49/0x310 [ 982.346920][T10520] ? register_for_each_vma+0x372/0x890 [ 982.352382][T10520] ? vma_interval_tree_iter_next+0x24c/0x280 [ 982.358363][T10520] register_for_each_vma+0x372/0x890 [ 982.363687][T10520] __uprobe_register+0x3f4/0x8a0 [ 982.368626][T10520] uprobe_register_refctr+0x29/0x40 [ 982.373823][T10520] probe_event_enable+0x2be/0x7d0 10:48:13 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) mmap(&(0x7f00005ec000/0x3000)=nil, 0x3000, 0x100000c, 0x100010, r2, 0xea074000) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 982.378844][T10520] ? __uprobe_trace_func+0x430/0x430 [ 982.384140][T10520] trace_uprobe_register+0x88/0x410 [ 982.389351][T10520] perf_trace_event_init+0x34e/0x790 [ 982.394731][T10520] perf_uprobe_init+0xf5/0x140 [ 982.399641][T10520] perf_uprobe_event_init+0xde/0x140 [ 982.405091][T10520] perf_try_init_event+0x21a/0x400 [ 982.410265][T10520] perf_event_alloc+0xa60/0x1790 [ 982.415203][T10520] __se_sys_perf_event_open+0x5c7/0x2740 [ 982.420934][T10520] ? vfs_write+0x50c/0x770 [ 982.425389][T10520] __x64_sys_perf_event_open+0x63/0x70 [ 982.430857][T10520] do_syscall_64+0x3d/0x90 [ 982.435294][T10520] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 982.441299][T10520] RIP: 0033:0x4665d9 [ 982.445263][T10520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 982.464889][T10520] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 982.473330][T10520] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 982.481316][T10520] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 982.489310][T10520] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 982.497297][T10520] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 982.505276][T10520] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:13 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x400000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:13 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x74, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:13 executing program 4 (fault-call:1 fault-nth:31): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:13 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x03\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 982.701324][T10554] FAULT_INJECTION: forcing a failure. [ 982.701324][T10554] name failslab, interval 1, probability 0, space 0, times 0 [ 982.714091][T10554] CPU: 1 PID: 10554 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 982.722558][T10554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 982.732649][T10554] Call Trace: [ 982.735940][T10554] dump_stack_lvl+0xb7/0x103 [ 982.740552][T10554] dump_stack+0x11/0x1a [ 982.744780][T10554] should_fail+0x23c/0x250 [ 982.749209][T10554] __should_failslab+0x81/0x90 [ 982.753982][T10554] ? register_for_each_vma+0x372/0x890 [ 982.759493][T10554] should_failslab+0x5/0x20 [ 982.764025][T10554] kmem_cache_alloc_trace+0x49/0x310 [ 982.769316][T10554] ? register_for_each_vma+0x372/0x890 [ 982.774799][T10554] ? vma_interval_tree_iter_next+0x24c/0x280 [ 982.780787][T10554] register_for_each_vma+0x372/0x890 [ 982.786113][T10554] __uprobe_register+0x3f4/0x8a0 [ 982.791137][T10554] uprobe_register_refctr+0x29/0x40 [ 982.796336][T10554] probe_event_enable+0x2be/0x7d0 [ 982.801364][T10554] ? __uprobe_trace_func+0x430/0x430 [ 982.806660][T10554] trace_uprobe_register+0x88/0x410 [ 982.811952][T10554] perf_trace_event_init+0x34e/0x790 [ 982.817297][T10554] perf_uprobe_init+0xf5/0x140 [ 982.822065][T10554] perf_uprobe_event_init+0xde/0x140 [ 982.827461][T10554] perf_try_init_event+0x21a/0x400 [ 982.832625][T10554] perf_event_alloc+0xa60/0x1790 [ 982.837662][T10554] __se_sys_perf_event_open+0x5c7/0x2740 [ 982.843305][T10554] ? vfs_write+0x50c/0x770 [ 982.847731][T10554] __x64_sys_perf_event_open+0x63/0x70 [ 982.853276][T10554] do_syscall_64+0x3d/0x90 [ 982.857727][T10554] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 982.863641][T10554] RIP: 0033:0x4665d9 [ 982.867639][T10554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 982.887286][T10554] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:14 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x7a, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:14 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) gettid() r1 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r2 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0) mmap(&(0x7f00005ec000/0x3000)=nil, 0x3000, 0x100000c, 0x100010, r1, 0xea074000) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x6, 0x0, 0x0) [ 982.895728][T10554] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 982.903780][T10554] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 982.911780][T10554] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 982.919761][T10554] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 982.927733][T10554] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:14 executing program 4 (fault-call:1 fault-nth:32): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 983.058374][T10579] FAULT_INJECTION: forcing a failure. [ 983.058374][T10579] name failslab, interval 1, probability 0, space 0, times 0 [ 983.071034][T10579] CPU: 1 PID: 10579 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 983.079547][T10579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 983.089624][T10579] Call Trace: [ 983.092913][T10579] dump_stack_lvl+0xb7/0x103 [ 983.097523][T10579] dump_stack+0x11/0x1a [ 983.101754][T10579] should_fail+0x23c/0x250 [ 983.106327][T10579] __should_failslab+0x81/0x90 [ 983.111104][T10579] ? register_for_each_vma+0x372/0x890 [ 983.116591][T10579] should_failslab+0x5/0x20 [ 983.121117][T10579] kmem_cache_alloc_trace+0x49/0x310 [ 983.126420][T10579] ? register_for_each_vma+0x372/0x890 [ 983.131889][T10579] ? vma_interval_tree_iter_next+0x24c/0x280 [ 983.137881][T10579] register_for_each_vma+0x372/0x890 [ 983.143171][T10579] __uprobe_register+0x3f4/0x8a0 [ 983.148104][T10579] uprobe_register_refctr+0x29/0x40 [ 983.153303][T10579] probe_event_enable+0x2be/0x7d0 [ 983.158328][T10579] ? __uprobe_trace_func+0x430/0x430 [ 983.163648][T10579] trace_uprobe_register+0x88/0x410 [ 983.168844][T10579] perf_trace_event_init+0x34e/0x790 [ 983.174128][T10579] perf_uprobe_init+0xf5/0x140 [ 983.178897][T10579] perf_uprobe_event_init+0xde/0x140 [ 983.184186][T10579] perf_try_init_event+0x21a/0x400 [ 983.189334][T10579] perf_event_alloc+0xa60/0x1790 [ 983.194281][T10579] __se_sys_perf_event_open+0x5c7/0x2740 [ 983.199932][T10579] ? vfs_write+0x50c/0x770 [ 983.204354][T10579] __x64_sys_perf_event_open+0x63/0x70 [ 983.209919][T10579] do_syscall_64+0x3d/0x90 [ 983.214399][T10579] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 983.220304][T10579] RIP: 0033:0x4665d9 [ 983.224244][T10579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 983.243858][T10579] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 983.252300][T10579] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 983.260371][T10579] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 983.268506][T10579] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 983.276498][T10579] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 983.284510][T10579] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:14 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x40000800, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:14 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x04\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:14 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:14 executing program 4 (fault-call:1 fault-nth:33): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 983.415393][T10597] FAULT_INJECTION: forcing a failure. [ 983.415393][T10597] name failslab, interval 1, probability 0, space 0, times 0 [ 983.428068][T10597] CPU: 0 PID: 10597 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 983.436514][T10597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 983.446595][T10597] Call Trace: [ 983.449879][T10597] dump_stack_lvl+0xb7/0x103 [ 983.454521][T10597] dump_stack+0x11/0x1a [ 983.458688][T10597] should_fail+0x23c/0x250 [ 983.463142][T10597] __should_failslab+0x81/0x90 [ 983.467979][T10597] ? register_for_each_vma+0x372/0x890 [ 983.473492][T10597] should_failslab+0x5/0x20 [ 983.478006][T10597] kmem_cache_alloc_trace+0x49/0x310 [ 983.483347][T10597] ? register_for_each_vma+0x372/0x890 [ 983.488807][T10597] ? vma_interval_tree_iter_next+0x263/0x280 [ 983.494874][T10597] register_for_each_vma+0x372/0x890 [ 983.500177][T10597] __uprobe_register+0x3f4/0x8a0 [ 983.505151][T10597] uprobe_register_refctr+0x29/0x40 [ 983.510364][T10597] probe_event_enable+0x2be/0x7d0 [ 983.515415][T10597] ? __uprobe_trace_func+0x430/0x430 [ 983.520718][T10597] trace_uprobe_register+0x88/0x410 [ 983.525928][T10597] perf_trace_event_init+0x34e/0x790 [ 983.531261][T10597] perf_uprobe_init+0xf5/0x140 [ 983.536071][T10597] perf_uprobe_event_init+0xde/0x140 [ 983.541369][T10597] perf_try_init_event+0x21a/0x400 [ 983.546497][T10597] perf_event_alloc+0xa60/0x1790 [ 983.551444][T10597] __se_sys_perf_event_open+0x5c7/0x2740 [ 983.557092][T10597] ? vfs_write+0x50c/0x770 [ 983.561510][T10597] __x64_sys_perf_event_open+0x63/0x70 [ 983.567098][T10597] do_syscall_64+0x3d/0x90 [ 983.571549][T10597] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 983.577451][T10597] RIP: 0033:0x4665d9 [ 983.581344][T10597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 983.600975][T10597] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 983.609423][T10597] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 983.617401][T10597] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 983.625380][T10597] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 983.633369][T10597] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 983.641356][T10597] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:15 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x500000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:15 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:15 executing program 4 (fault-call:1 fault-nth:34): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:15 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x05\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:15 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 983.832617][T10622] FAULT_INJECTION: forcing a failure. [ 983.832617][T10622] name failslab, interval 1, probability 0, space 0, times 0 [ 983.845304][T10622] CPU: 0 PID: 10622 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 983.853821][T10622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 983.863888][T10622] Call Trace: [ 983.867201][T10622] dump_stack_lvl+0xb7/0x103 [ 983.871818][T10622] dump_stack+0x11/0x1a [ 983.876056][T10622] should_fail+0x23c/0x250 [ 983.880490][T10622] __should_failslab+0x81/0x90 [ 983.885261][T10622] ? register_for_each_vma+0x372/0x890 [ 983.890726][T10622] should_failslab+0x5/0x20 [ 983.895256][T10622] kmem_cache_alloc_trace+0x49/0x310 [ 983.900546][T10622] ? register_for_each_vma+0x372/0x890 [ 983.906054][T10622] ? vma_interval_tree_iter_next+0x263/0x280 [ 983.912037][T10622] register_for_each_vma+0x372/0x890 [ 983.917328][T10622] __uprobe_register+0x3f4/0x8a0 [ 983.922268][T10622] uprobe_register_refctr+0x29/0x40 [ 983.927497][T10622] probe_event_enable+0x2be/0x7d0 [ 983.932522][T10622] ? __uprobe_trace_func+0x430/0x430 [ 983.937879][T10622] trace_uprobe_register+0x88/0x410 [ 983.943120][T10622] perf_trace_event_init+0x34e/0x790 [ 983.948457][T10622] perf_uprobe_init+0xf5/0x140 [ 983.953239][T10622] perf_uprobe_event_init+0xde/0x140 [ 983.958532][T10622] perf_try_init_event+0x21a/0x400 [ 983.963706][T10622] perf_event_alloc+0xa60/0x1790 [ 983.968642][T10622] __se_sys_perf_event_open+0x5c7/0x2740 [ 983.974286][T10622] ? vfs_write+0x50c/0x770 [ 983.978705][T10622] __x64_sys_perf_event_open+0x63/0x70 [ 983.984173][T10622] do_syscall_64+0x3d/0x90 [ 983.988596][T10622] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 983.994497][T10622] RIP: 0033:0x4665d9 [ 983.998390][T10622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 984.018025][T10622] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:15 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) gettid() r1 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r2 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0) mmap(&(0x7f00005ec000/0x3000)=nil, 0x3000, 0x100000c, 0x100010, r1, 0xea074000) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x6, 0x0, 0x0) [ 984.026470][T10622] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 984.034440][T10622] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 984.042468][T10622] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 984.050442][T10622] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 984.058412][T10622] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:15 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x80040000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:15 executing program 4 (fault-call:1 fault-nth:35): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:15 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:15 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x06\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 984.401766][T10651] FAULT_INJECTION: forcing a failure. [ 984.401766][T10651] name failslab, interval 1, probability 0, space 0, times 0 [ 984.414451][T10651] CPU: 1 PID: 10651 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 984.422869][T10651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 984.432968][T10651] Call Trace: [ 984.436261][T10651] dump_stack_lvl+0xb7/0x103 [ 984.440869][T10651] dump_stack+0x11/0x1a [ 984.445101][T10651] should_fail+0x23c/0x250 [ 984.449577][T10651] __should_failslab+0x81/0x90 [ 984.454353][T10651] ? register_for_each_vma+0x372/0x890 [ 984.459823][T10651] should_failslab+0x5/0x20 [ 984.464345][T10651] kmem_cache_alloc_trace+0x49/0x310 [ 984.469666][T10651] ? register_for_each_vma+0x372/0x890 [ 984.475184][T10651] ? vma_interval_tree_iter_next+0x263/0x280 [ 984.481232][T10651] register_for_each_vma+0x372/0x890 [ 984.486533][T10651] __uprobe_register+0x3f4/0x8a0 [ 984.491485][T10651] uprobe_register_refctr+0x29/0x40 [ 984.496685][T10651] probe_event_enable+0x2be/0x7d0 [ 984.501708][T10651] ? __uprobe_trace_func+0x430/0x430 [ 984.506999][T10651] trace_uprobe_register+0x88/0x410 [ 984.512212][T10651] perf_trace_event_init+0x34e/0x790 [ 984.517512][T10651] perf_uprobe_init+0xf5/0x140 [ 984.522283][T10651] perf_uprobe_event_init+0xde/0x140 [ 984.527574][T10651] perf_try_init_event+0x21a/0x400 [ 984.532734][T10651] perf_event_alloc+0xa60/0x1790 [ 984.537675][T10651] __se_sys_perf_event_open+0x5c7/0x2740 [ 984.543317][T10651] ? vfs_write+0x50c/0x770 [ 984.547757][T10651] __x64_sys_perf_event_open+0x63/0x70 [ 984.553223][T10651] do_syscall_64+0x3d/0x90 [ 984.557675][T10651] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 984.563585][T10651] RIP: 0033:0x4665d9 [ 984.567483][T10651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 984.587118][T10651] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:15 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:15 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x600000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) [ 984.595745][T10651] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 984.603745][T10651] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 984.611780][T10651] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 984.619823][T10651] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 984.627857][T10651] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:16 executing program 4 (fault-call:1 fault-nth:36): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:16 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 984.753936][T10673] FAULT_INJECTION: forcing a failure. [ 984.753936][T10673] name failslab, interval 1, probability 0, space 0, times 0 [ 984.766683][T10673] CPU: 1 PID: 10673 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 984.775103][T10673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 984.785158][T10673] Call Trace: [ 984.788478][T10673] dump_stack_lvl+0xb7/0x103 [ 984.793077][T10673] dump_stack+0x11/0x1a [ 984.797284][T10673] should_fail+0x23c/0x250 [ 984.801706][T10673] __should_failslab+0x81/0x90 [ 984.806519][T10673] ? register_for_each_vma+0x372/0x890 [ 984.811983][T10673] should_failslab+0x5/0x20 [ 984.816487][T10673] kmem_cache_alloc_trace+0x49/0x310 [ 984.821789][T10673] ? register_for_each_vma+0x372/0x890 [ 984.827243][T10673] ? vma_interval_tree_iter_next+0x263/0x280 [ 984.833351][T10673] register_for_each_vma+0x372/0x890 [ 984.838701][T10673] __uprobe_register+0x3f4/0x8a0 [ 984.843639][T10673] uprobe_register_refctr+0x29/0x40 [ 984.848850][T10673] probe_event_enable+0x2be/0x7d0 [ 984.853907][T10673] ? __uprobe_trace_func+0x430/0x430 [ 984.859206][T10673] trace_uprobe_register+0x88/0x410 [ 984.864404][T10673] perf_trace_event_init+0x34e/0x790 [ 984.869696][T10673] perf_uprobe_init+0xf5/0x140 [ 984.874574][T10673] perf_uprobe_event_init+0xde/0x140 [ 984.879934][T10673] perf_try_init_event+0x21a/0x400 [ 984.885143][T10673] perf_event_alloc+0xa60/0x1790 [ 984.890152][T10673] __se_sys_perf_event_open+0x5c7/0x2740 [ 984.895836][T10673] ? vfs_write+0x50c/0x770 [ 984.900256][T10673] __x64_sys_perf_event_open+0x63/0x70 [ 984.905735][T10673] do_syscall_64+0x3d/0x90 [ 984.910164][T10673] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 984.916099][T10673] RIP: 0033:0x4665d9 [ 984.919993][T10673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 984.939609][T10673] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:16 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 984.948038][T10673] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 984.956007][T10673] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 984.964086][T10673] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 984.972098][T10673] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 984.980147][T10673] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:16 executing program 4 (fault-call:1 fault-nth:37): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:16 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 985.103818][T10693] FAULT_INJECTION: forcing a failure. [ 985.103818][T10693] name failslab, interval 1, probability 0, space 0, times 0 [ 985.116484][T10693] CPU: 1 PID: 10693 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 985.124995][T10693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 985.135051][T10693] Call Trace: [ 985.138334][T10693] dump_stack_lvl+0xb7/0x103 [ 985.142934][T10693] dump_stack+0x11/0x1a [ 985.147153][T10693] should_fail+0x23c/0x250 [ 985.151573][T10693] __should_failslab+0x81/0x90 [ 985.156343][T10693] ? register_for_each_vma+0x372/0x890 [ 985.161804][T10693] should_failslab+0x5/0x20 [ 985.166342][T10693] kmem_cache_alloc_trace+0x49/0x310 [ 985.171631][T10693] ? register_for_each_vma+0x372/0x890 [ 985.177119][T10693] ? vma_interval_tree_iter_next+0x263/0x280 [ 985.183147][T10693] register_for_each_vma+0x372/0x890 [ 985.188436][T10693] __uprobe_register+0x3f4/0x8a0 [ 985.193374][T10693] uprobe_register_refctr+0x29/0x40 [ 985.198570][T10693] probe_event_enable+0x2be/0x7d0 [ 985.203650][T10693] ? __uprobe_trace_func+0x430/0x430 [ 985.208947][T10693] trace_uprobe_register+0x88/0x410 [ 985.214151][T10693] perf_trace_event_init+0x34e/0x790 [ 985.219449][T10693] perf_uprobe_init+0xf5/0x140 [ 985.224224][T10693] perf_uprobe_event_init+0xde/0x140 [ 985.229633][T10693] perf_try_init_event+0x21a/0x400 [ 985.234807][T10693] perf_event_alloc+0xa60/0x1790 [ 985.239747][T10693] __se_sys_perf_event_open+0x5c7/0x2740 [ 985.245443][T10693] ? vfs_write+0x50c/0x770 [ 985.249883][T10693] __x64_sys_perf_event_open+0x63/0x70 [ 985.255342][T10693] do_syscall_64+0x3d/0x90 [ 985.259791][T10693] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 985.265825][T10693] RIP: 0033:0x4665d9 [ 985.269727][T10693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 985.289343][T10693] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:16 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) gettid() r1 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r2 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0) mmap(&(0x7f00005ec000/0x3000)=nil, 0x3000, 0x100000c, 0x100010, r1, 0xea074000) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x6, 0x0, 0x0) [ 985.297816][T10693] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 985.305831][T10693] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 985.314086][T10693] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 985.322128][T10693] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 985.330109][T10693] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:16 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xf6ffffff, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:16 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\a\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:16 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:16 executing program 4 (fault-call:1 fault-nth:38): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 985.465513][T10713] FAULT_INJECTION: forcing a failure. [ 985.465513][T10713] name failslab, interval 1, probability 0, space 0, times 0 [ 985.478193][T10713] CPU: 0 PID: 10713 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 985.486628][T10713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 985.496692][T10713] Call Trace: [ 985.499976][T10713] dump_stack_lvl+0xb7/0x103 [ 985.504644][T10713] dump_stack+0x11/0x1a [ 985.508804][T10713] should_fail+0x23c/0x250 [ 985.513312][T10713] __should_failslab+0x81/0x90 [ 985.518175][T10713] ? register_for_each_vma+0x372/0x890 [ 985.523631][T10713] should_failslab+0x5/0x20 [ 985.528152][T10713] kmem_cache_alloc_trace+0x49/0x310 [ 985.533452][T10713] ? register_for_each_vma+0x372/0x890 [ 985.539021][T10713] ? vma_interval_tree_iter_next+0x24c/0x280 [ 985.545011][T10713] register_for_each_vma+0x372/0x890 [ 985.550302][T10713] __uprobe_register+0x3f4/0x8a0 [ 985.555238][T10713] uprobe_register_refctr+0x29/0x40 [ 985.560442][T10713] probe_event_enable+0x2be/0x7d0 [ 985.565466][T10713] ? __uprobe_trace_func+0x430/0x430 [ 985.570803][T10713] trace_uprobe_register+0x88/0x410 [ 985.576001][T10713] perf_trace_event_init+0x34e/0x790 [ 985.581346][T10713] perf_uprobe_init+0xf5/0x140 [ 985.586142][T10713] perf_uprobe_event_init+0xde/0x140 [ 985.591476][T10713] perf_try_init_event+0x21a/0x400 [ 985.596592][T10713] perf_event_alloc+0xa60/0x1790 [ 985.601570][T10713] __se_sys_perf_event_open+0x5c7/0x2740 [ 985.607201][T10713] ? vfs_write+0x50c/0x770 [ 985.611623][T10713] __x64_sys_perf_event_open+0x63/0x70 [ 985.617106][T10713] do_syscall_64+0x3d/0x90 [ 985.621545][T10713] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 985.627474][T10713] RIP: 0033:0x4665d9 [ 985.631370][T10713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 985.650982][T10713] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:17 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x9, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 985.659419][T10713] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 985.667404][T10713] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 985.675388][T10713] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 985.683448][T10713] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 985.691463][T10713] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:17 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x604000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:17 executing program 4 (fault-call:1 fault-nth:39): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:17 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0xa, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:17 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\b\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 985.866013][T10745] FAULT_INJECTION: forcing a failure. [ 985.866013][T10745] name failslab, interval 1, probability 0, space 0, times 0 [ 985.878704][T10745] CPU: 0 PID: 10745 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 985.887124][T10745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 985.897201][T10745] Call Trace: [ 985.900491][T10745] dump_stack_lvl+0xb7/0x103 [ 985.905134][T10745] dump_stack+0x11/0x1a [ 985.909335][T10745] should_fail+0x23c/0x250 [ 985.913791][T10745] __should_failslab+0x81/0x90 [ 985.918556][T10745] ? register_for_each_vma+0x372/0x890 [ 985.924060][T10745] should_failslab+0x5/0x20 [ 985.928571][T10745] kmem_cache_alloc_trace+0x49/0x310 [ 985.933917][T10745] ? register_for_each_vma+0x372/0x890 [ 985.939377][T10745] ? vma_interval_tree_iter_next+0x263/0x280 [ 985.945369][T10745] register_for_each_vma+0x372/0x890 [ 985.950660][T10745] __uprobe_register+0x3f4/0x8a0 [ 985.955606][T10745] uprobe_register_refctr+0x29/0x40 [ 985.960814][T10745] probe_event_enable+0x2be/0x7d0 [ 985.966301][T10745] ? __uprobe_trace_func+0x430/0x430 [ 985.971705][T10745] trace_uprobe_register+0x88/0x410 [ 985.976922][T10745] perf_trace_event_init+0x34e/0x790 [ 985.982284][T10745] perf_uprobe_init+0xf5/0x140 [ 985.987080][T10745] perf_uprobe_event_init+0xde/0x140 [ 985.992473][T10745] perf_try_init_event+0x21a/0x400 [ 985.997619][T10745] perf_event_alloc+0xa60/0x1790 [ 986.002697][T10745] __se_sys_perf_event_open+0x5c7/0x2740 [ 986.008360][T10745] ? vfs_write+0x50c/0x770 [ 986.012785][T10745] __x64_sys_perf_event_open+0x63/0x70 [ 986.018297][T10745] do_syscall_64+0x3d/0x90 [ 986.022788][T10745] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 986.028726][T10745] RIP: 0033:0x4665d9 [ 986.032663][T10745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 986.052367][T10745] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:17 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0xb, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 986.060795][T10745] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 986.068831][T10745] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 986.076815][T10745] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 986.084795][T10745] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 986.092774][T10745] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:17 executing program 4 (fault-call:1 fault-nth:40): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:17 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) mmap(&(0x7f00005ec000/0x3000)=nil, 0x3000, 0x100000c, 0x100010, r2, 0xea074000) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) tkill(r1, 0x7) [ 986.266149][T10767] FAULT_INJECTION: forcing a failure. [ 986.266149][T10767] name failslab, interval 1, probability 0, space 0, times 0 [ 986.278833][T10767] CPU: 0 PID: 10767 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 986.287248][T10767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 986.297388][T10767] Call Trace: [ 986.300667][T10767] dump_stack_lvl+0xb7/0x103 [ 986.305325][T10767] dump_stack+0x11/0x1a [ 986.309540][T10767] should_fail+0x23c/0x250 [ 986.314012][T10767] __should_failslab+0x81/0x90 [ 986.318796][T10767] ? register_for_each_vma+0x372/0x890 [ 986.324296][T10767] should_failslab+0x5/0x20 [ 986.328835][T10767] kmem_cache_alloc_trace+0x49/0x310 [ 986.334322][T10767] ? register_for_each_vma+0x372/0x890 [ 986.339869][T10767] ? vma_interval_tree_iter_next+0x263/0x280 [ 986.345857][T10767] register_for_each_vma+0x372/0x890 [ 986.351258][T10767] __uprobe_register+0x3f4/0x8a0 [ 986.356213][T10767] uprobe_register_refctr+0x29/0x40 [ 986.361651][T10767] probe_event_enable+0x2be/0x7d0 [ 986.366690][T10767] ? __uprobe_trace_func+0x430/0x430 [ 986.371987][T10767] trace_uprobe_register+0x88/0x410 [ 986.377189][T10767] perf_trace_event_init+0x34e/0x790 [ 986.382485][T10767] perf_uprobe_init+0xf5/0x140 [ 986.387262][T10767] perf_uprobe_event_init+0xde/0x140 [ 986.392560][T10767] perf_try_init_event+0x21a/0x400 [ 986.397691][T10767] perf_event_alloc+0xa60/0x1790 [ 986.402692][T10767] __se_sys_perf_event_open+0x5c7/0x2740 [ 986.408417][T10767] ? vfs_write+0x50c/0x770 [ 986.412834][T10767] ? copy_fpregs_to_fpstate+0xd8/0x110 [ 986.418313][T10767] __x64_sys_perf_event_open+0x63/0x70 [ 986.423834][T10767] do_syscall_64+0x3d/0x90 [ 986.428291][T10767] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 986.434239][T10767] RIP: 0033:0x4665d9 [ 986.438136][T10767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 986.457749][T10767] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:17 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xfcfdffff, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:17 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0xc, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:17 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\t\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 986.466332][T10767] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 986.474315][T10767] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 986.482308][T10767] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 986.490395][T10767] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 986.498431][T10767] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:17 executing program 4 (fault-call:1 fault-nth:41): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:17 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0xd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 986.608851][T10787] FAULT_INJECTION: forcing a failure. [ 986.608851][T10787] name failslab, interval 1, probability 0, space 0, times 0 [ 986.621537][T10787] CPU: 1 PID: 10787 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 986.629974][T10787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 986.640135][T10787] Call Trace: [ 986.643422][T10787] dump_stack_lvl+0xb7/0x103 [ 986.648097][T10787] dump_stack+0x11/0x1a [ 986.652308][T10787] should_fail+0x23c/0x250 [ 986.656810][T10787] __should_failslab+0x81/0x90 [ 986.661582][T10787] ? register_for_each_vma+0x372/0x890 [ 986.667059][T10787] should_failslab+0x5/0x20 [ 986.671580][T10787] kmem_cache_alloc_trace+0x49/0x310 [ 986.676928][T10787] ? register_for_each_vma+0x372/0x890 [ 986.682397][T10787] ? vma_interval_tree_iter_next+0x24c/0x280 [ 986.688388][T10787] register_for_each_vma+0x372/0x890 [ 986.693708][T10787] __uprobe_register+0x3f4/0x8a0 [ 986.698691][T10787] uprobe_register_refctr+0x29/0x40 [ 986.703892][T10787] probe_event_enable+0x2be/0x7d0 [ 986.708915][T10787] ? __uprobe_trace_func+0x430/0x430 [ 986.714289][T10787] trace_uprobe_register+0x88/0x410 [ 986.719498][T10787] perf_trace_event_init+0x34e/0x790 [ 986.724801][T10787] perf_uprobe_init+0xf5/0x140 [ 986.729627][T10787] perf_uprobe_event_init+0xde/0x140 [ 986.734982][T10787] perf_try_init_event+0x21a/0x400 [ 986.740200][T10787] perf_event_alloc+0xa60/0x1790 [ 986.745208][T10787] __se_sys_perf_event_open+0x5c7/0x2740 [ 986.750907][T10787] ? vfs_write+0x50c/0x770 [ 986.755717][T10787] __x64_sys_perf_event_open+0x63/0x70 [ 986.761256][T10787] do_syscall_64+0x3d/0x90 [ 986.765749][T10787] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 986.771700][T10787] RIP: 0033:0x4665d9 [ 986.775603][T10787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 986.795224][T10787] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:18 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x700000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:18 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) mmap(&(0x7f00005ec000/0x3000)=nil, 0x3000, 0x100000c, 0x100010, r2, 0xea074000) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) tkill(r1, 0x7) [ 986.803653][T10787] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 986.811645][T10787] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 986.819627][T10787] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 986.827617][T10787] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 986.835603][T10787] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:18 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0xe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:18 executing program 4 (fault-call:1 fault-nth:42): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:18 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:18 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\n\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 987.020697][T10821] FAULT_INJECTION: forcing a failure. [ 987.020697][T10821] name failslab, interval 1, probability 0, space 0, times 0 [ 987.033375][T10821] CPU: 0 PID: 10821 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 987.041814][T10821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 987.051887][T10821] Call Trace: [ 987.055177][T10821] dump_stack_lvl+0xb7/0x103 [ 987.059785][T10821] dump_stack+0x11/0x1a [ 987.063970][T10821] should_fail+0x23c/0x250 [ 987.068452][T10821] __should_failslab+0x81/0x90 [ 987.073231][T10821] ? register_for_each_vma+0x372/0x890 [ 987.078728][T10821] should_failslab+0x5/0x20 [ 987.083238][T10821] kmem_cache_alloc_trace+0x49/0x310 [ 987.088699][T10821] ? register_for_each_vma+0x372/0x890 [ 987.094234][T10821] ? vma_interval_tree_iter_next+0x24c/0x280 [ 987.100349][T10821] register_for_each_vma+0x372/0x890 [ 987.105718][T10821] __uprobe_register+0x3f4/0x8a0 [ 987.110675][T10821] uprobe_register_refctr+0x29/0x40 [ 987.115888][T10821] probe_event_enable+0x2be/0x7d0 [ 987.120990][T10821] ? __uprobe_trace_func+0x430/0x430 [ 987.126346][T10821] trace_uprobe_register+0x88/0x410 [ 987.131563][T10821] perf_trace_event_init+0x34e/0x790 [ 987.136873][T10821] perf_uprobe_init+0xf5/0x140 [ 987.141690][T10821] perf_uprobe_event_init+0xde/0x140 [ 987.147063][T10821] perf_try_init_event+0x21a/0x400 [ 987.152240][T10821] perf_event_alloc+0xa60/0x1790 [ 987.157461][T10821] __se_sys_perf_event_open+0x5c7/0x2740 [ 987.163125][T10821] ? vfs_write+0x50c/0x770 [ 987.167564][T10821] __x64_sys_perf_event_open+0x63/0x70 [ 987.173059][T10821] do_syscall_64+0x3d/0x90 [ 987.177487][T10821] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 987.183388][T10821] RIP: 0033:0x4665d9 [ 987.187301][T10821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 987.206948][T10821] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:18 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 987.215372][T10821] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 987.223343][T10821] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 987.231327][T10821] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 987.239316][T10821] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 987.247307][T10821] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:18 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xfdfdffff, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:18 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) mmap(&(0x7f00005ec000/0x3000)=nil, 0x3000, 0x100000c, 0x100010, r2, 0xea074000) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) tkill(r1, 0x7) 10:48:18 executing program 4 (fault-call:1 fault-nth:43): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:18 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x12, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:18 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\v\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 987.464289][T10855] FAULT_INJECTION: forcing a failure. [ 987.464289][T10855] name failslab, interval 1, probability 0, space 0, times 0 [ 987.476982][T10855] CPU: 0 PID: 10855 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 987.485410][T10855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 987.496174][T10855] Call Trace: [ 987.499516][T10855] dump_stack_lvl+0xb7/0x103 [ 987.504194][T10855] dump_stack+0x11/0x1a [ 987.508357][T10855] should_fail+0x23c/0x250 [ 987.512781][T10855] __should_failslab+0x81/0x90 [ 987.517548][T10855] ? register_for_each_vma+0x372/0x890 [ 987.523014][T10855] should_failslab+0x5/0x20 [ 987.527524][T10855] kmem_cache_alloc_trace+0x49/0x310 [ 987.532821][T10855] ? register_for_each_vma+0x372/0x890 [ 987.538277][T10855] ? vma_interval_tree_iter_next+0x263/0x280 [ 987.544343][T10855] register_for_each_vma+0x372/0x890 [ 987.549630][T10855] __uprobe_register+0x3f4/0x8a0 [ 987.554616][T10855] uprobe_register_refctr+0x29/0x40 [ 987.559868][T10855] probe_event_enable+0x2be/0x7d0 [ 987.565004][T10855] ? __uprobe_trace_func+0x430/0x430 [ 987.570304][T10855] trace_uprobe_register+0x88/0x410 [ 987.575504][T10855] perf_trace_event_init+0x34e/0x790 [ 987.580794][T10855] perf_uprobe_init+0xf5/0x140 [ 987.585621][T10855] perf_uprobe_event_init+0xde/0x140 [ 987.590927][T10855] perf_try_init_event+0x21a/0x400 [ 987.596047][T10855] perf_event_alloc+0xa60/0x1790 [ 987.601045][T10855] __se_sys_perf_event_open+0x5c7/0x2740 [ 987.606686][T10855] ? vfs_write+0x50c/0x770 [ 987.611149][T10855] __x64_sys_perf_event_open+0x63/0x70 [ 987.616643][T10855] do_syscall_64+0x3d/0x90 [ 987.621073][T10855] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 987.626982][T10855] RIP: 0033:0x4665d9 [ 987.630902][T10855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 987.650521][T10855] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 987.658952][T10855] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 987.666932][T10855] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 987.674944][T10855] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 987.682953][T10855] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 987.690942][T10855] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:19 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x800000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:19 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x1c, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:19 executing program 4 (fault-call:1 fault-nth:44): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:19 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\f\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:19 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 987.863759][T10882] FAULT_INJECTION: forcing a failure. [ 987.863759][T10882] name failslab, interval 1, probability 0, space 0, times 0 [ 987.876445][T10882] CPU: 1 PID: 10882 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 987.884871][T10882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 987.894939][T10882] Call Trace: [ 987.898223][T10882] dump_stack_lvl+0xb7/0x103 [ 987.902931][T10882] dump_stack+0x11/0x1a [ 987.907134][T10882] should_fail+0x23c/0x250 [ 987.911565][T10882] __should_failslab+0x81/0x90 [ 987.916332][T10882] ? register_for_each_vma+0x372/0x890 [ 987.921801][T10882] should_failslab+0x5/0x20 [ 987.926321][T10882] kmem_cache_alloc_trace+0x49/0x310 [ 987.931651][T10882] ? register_for_each_vma+0x372/0x890 [ 987.937121][T10882] ? vma_interval_tree_iter_next+0x263/0x280 [ 987.943108][T10882] register_for_each_vma+0x372/0x890 [ 987.948399][T10882] __uprobe_register+0x3f4/0x8a0 [ 987.953400][T10882] uprobe_register_refctr+0x29/0x40 [ 987.958605][T10882] probe_event_enable+0x2be/0x7d0 [ 987.963636][T10882] ? __uprobe_trace_func+0x430/0x430 [ 987.968946][T10882] trace_uprobe_register+0x88/0x410 [ 987.974152][T10882] perf_trace_event_init+0x34e/0x790 [ 987.979550][T10882] perf_uprobe_init+0xf5/0x140 [ 987.984329][T10882] perf_uprobe_event_init+0xde/0x140 [ 987.989628][T10882] perf_try_init_event+0x21a/0x400 [ 987.994755][T10882] perf_event_alloc+0xa60/0x1790 [ 987.999703][T10882] __se_sys_perf_event_open+0x5c7/0x2740 [ 988.005342][T10882] ? vfs_write+0x50c/0x770 [ 988.009760][T10882] __x64_sys_perf_event_open+0x63/0x70 [ 988.015246][T10882] do_syscall_64+0x3d/0x90 [ 988.019678][T10882] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 988.025587][T10882] RIP: 0033:0x4665d9 [ 988.029481][T10882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 988.049224][T10882] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:19 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x26, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 988.057656][T10882] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 988.065640][T10882] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 988.073618][T10882] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 988.081595][T10882] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 988.089572][T10882] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:19 executing program 4 (fault-call:1 fault-nth:45): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 988.207530][T10907] FAULT_INJECTION: forcing a failure. [ 988.207530][T10907] name failslab, interval 1, probability 0, space 0, times 0 [ 988.220271][T10907] CPU: 1 PID: 10907 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 988.228712][T10907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 988.238782][T10907] Call Trace: [ 988.242070][T10907] dump_stack_lvl+0xb7/0x103 [ 988.246747][T10907] dump_stack+0x11/0x1a [ 988.250927][T10907] should_fail+0x23c/0x250 [ 988.255355][T10907] __should_failslab+0x81/0x90 [ 988.260166][T10907] ? register_for_each_vma+0x372/0x890 [ 988.265631][T10907] should_failslab+0x5/0x20 [ 988.270211][T10907] kmem_cache_alloc_trace+0x49/0x310 [ 988.275546][T10907] ? register_for_each_vma+0x372/0x890 [ 988.281046][T10907] ? vma_interval_tree_iter_next+0x263/0x280 [ 988.287042][T10907] register_for_each_vma+0x372/0x890 [ 988.292333][T10907] __uprobe_register+0x3f4/0x8a0 [ 988.297313][T10907] uprobe_register_refctr+0x29/0x40 [ 988.302569][T10907] probe_event_enable+0x2be/0x7d0 [ 988.307591][T10907] ? __uprobe_trace_func+0x430/0x430 [ 988.312958][T10907] trace_uprobe_register+0x88/0x410 [ 988.318159][T10907] perf_trace_event_init+0x34e/0x790 [ 988.323526][T10907] perf_uprobe_init+0xf5/0x140 [ 988.328436][T10907] perf_uprobe_event_init+0xde/0x140 [ 988.333793][T10907] perf_try_init_event+0x21a/0x400 [ 988.338947][T10907] perf_event_alloc+0xa60/0x1790 [ 988.343949][T10907] __se_sys_perf_event_open+0x5c7/0x2740 [ 988.349671][T10907] ? vfs_write+0x50c/0x770 [ 988.354115][T10907] __x64_sys_perf_event_open+0x63/0x70 [ 988.359575][T10907] do_syscall_64+0x3d/0x90 [ 988.364064][T10907] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 988.370002][T10907] RIP: 0033:0x4665d9 [ 988.373897][T10907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 988.393560][T10907] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:19 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xfeffffff, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:19 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\r\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:19 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:19 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x27, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 988.402056][T10907] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 988.410032][T10907] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 988.418032][T10907] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 988.426013][T10907] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 988.434159][T10907] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:19 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:20 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x900000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:20 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x48, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:20 executing program 4 (fault-call:1 fault-nth:46): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:20 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:20 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x0e\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 988.751005][T10949] FAULT_INJECTION: forcing a failure. [ 988.751005][T10949] name failslab, interval 1, probability 0, space 0, times 0 [ 988.763679][T10949] CPU: 0 PID: 10949 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 988.772144][T10949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 988.782291][T10949] Call Trace: [ 988.785580][T10949] dump_stack_lvl+0xb7/0x103 [ 988.790194][T10949] dump_stack+0x11/0x1a [ 988.794376][T10949] should_fail+0x23c/0x250 [ 988.798803][T10949] __should_failslab+0x81/0x90 [ 988.803630][T10949] ? register_for_each_vma+0x372/0x890 [ 988.809097][T10949] should_failslab+0x5/0x20 [ 988.813757][T10949] kmem_cache_alloc_trace+0x49/0x310 [ 988.819343][T10949] ? register_for_each_vma+0x372/0x890 [ 988.824813][T10949] ? vma_interval_tree_iter_next+0x263/0x280 [ 988.830859][T10949] register_for_each_vma+0x372/0x890 [ 988.836241][T10949] __uprobe_register+0x3f4/0x8a0 [ 988.841198][T10949] uprobe_register_refctr+0x29/0x40 [ 988.846414][T10949] probe_event_enable+0x2be/0x7d0 [ 988.851495][T10949] ? __uprobe_trace_func+0x430/0x430 [ 988.856800][T10949] trace_uprobe_register+0x88/0x410 [ 988.862021][T10949] perf_trace_event_init+0x34e/0x790 [ 988.867341][T10949] perf_uprobe_init+0xf5/0x140 [ 988.872169][T10949] perf_uprobe_event_init+0xde/0x140 [ 988.877482][T10949] perf_try_init_event+0x21a/0x400 [ 988.882611][T10949] perf_event_alloc+0xa60/0x1790 [ 988.887559][T10949] __se_sys_perf_event_open+0x5c7/0x2740 [ 988.893202][T10949] ? vfs_write+0x50c/0x770 [ 988.897631][T10949] __x64_sys_perf_event_open+0x63/0x70 [ 988.903199][T10949] do_syscall_64+0x3d/0x90 [ 988.907638][T10949] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 988.913627][T10949] RIP: 0033:0x4665d9 [ 988.917521][T10949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 988.937372][T10949] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:20 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 988.945869][T10949] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 988.953961][T10949] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 988.961943][T10949] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 988.969931][T10949] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 988.977917][T10949] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:20 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x4c, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:20 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xfffffdfc, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:20 executing program 4 (fault-call:1 fault-nth:47): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:20 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:20 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x68, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:20 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x10\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 989.469297][T10989] FAULT_INJECTION: forcing a failure. [ 989.469297][T10989] name failslab, interval 1, probability 0, space 0, times 0 [ 989.481946][T10989] CPU: 1 PID: 10989 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 989.490364][T10989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 989.500417][T10989] Call Trace: [ 989.503702][T10989] dump_stack_lvl+0xb7/0x103 [ 989.508310][T10989] dump_stack+0x11/0x1a [ 989.512470][T10989] should_fail+0x23c/0x250 [ 989.516895][T10989] __should_failslab+0x81/0x90 [ 989.521662][T10989] ? register_for_each_vma+0x372/0x890 [ 989.527119][T10989] should_failslab+0x5/0x20 [ 989.531628][T10989] kmem_cache_alloc_trace+0x49/0x310 [ 989.537002][T10989] ? register_for_each_vma+0x372/0x890 [ 989.542469][T10989] ? vma_interval_tree_iter_next+0x24c/0x280 [ 989.548461][T10989] register_for_each_vma+0x372/0x890 [ 989.553801][T10989] __uprobe_register+0x3f4/0x8a0 [ 989.558803][T10989] uprobe_register_refctr+0x29/0x40 [ 989.564086][T10989] probe_event_enable+0x2be/0x7d0 [ 989.569171][T10989] ? __uprobe_trace_func+0x430/0x430 [ 989.574469][T10989] trace_uprobe_register+0x88/0x410 [ 989.579676][T10989] perf_trace_event_init+0x34e/0x790 [ 989.584968][T10989] perf_uprobe_init+0xf5/0x140 [ 989.589737][T10989] perf_uprobe_event_init+0xde/0x140 [ 989.595033][T10989] perf_try_init_event+0x21a/0x400 [ 989.600154][T10989] perf_event_alloc+0xa60/0x1790 [ 989.605094][T10989] __se_sys_perf_event_open+0x5c7/0x2740 [ 989.610761][T10989] ? vfs_write+0x50c/0x770 [ 989.615193][T10989] __x64_sys_perf_event_open+0x63/0x70 [ 989.620659][T10989] do_syscall_64+0x3d/0x90 [ 989.625098][T10989] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 989.631063][T10989] RIP: 0033:0x4665d9 [ 989.635032][T10989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 989.654664][T10989] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:21 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xa00000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:21 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 989.663094][T10989] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 989.672975][T10989] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 989.680948][T10989] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 989.688925][T10989] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 989.697005][T10989] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:21 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x6c, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:21 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) socket$inet_tcp(0x2, 0x1, 0x0) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:21 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x74, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:21 executing program 4 (fault-call:1 fault-nth:48): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 989.859957][T11021] FAULT_INJECTION: forcing a failure. [ 989.859957][T11021] name failslab, interval 1, probability 0, space 0, times 0 [ 989.872632][T11021] CPU: 0 PID: 11021 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 989.881156][T11021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 989.891226][T11021] Call Trace: [ 989.894514][T11021] dump_stack_lvl+0xb7/0x103 [ 989.899189][T11021] dump_stack+0x11/0x1a [ 989.903466][T11021] should_fail+0x23c/0x250 [ 989.907981][T11021] __should_failslab+0x81/0x90 [ 989.912749][T11021] ? register_for_each_vma+0x372/0x890 [ 989.918214][T11021] should_failslab+0x5/0x20 [ 989.922753][T11021] kmem_cache_alloc_trace+0x49/0x310 [ 989.928052][T11021] ? register_for_each_vma+0x372/0x890 [ 989.933505][T11021] ? vma_interval_tree_iter_next+0x263/0x280 [ 989.939504][T11021] register_for_each_vma+0x372/0x890 [ 989.944793][T11021] __uprobe_register+0x3f4/0x8a0 [ 989.949731][T11021] uprobe_register_refctr+0x29/0x40 [ 989.954937][T11021] probe_event_enable+0x2be/0x7d0 10:48:21 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 989.959964][T11021] ? __uprobe_trace_func+0x430/0x430 [ 989.965305][T11021] trace_uprobe_register+0x88/0x410 [ 989.970508][T11021] perf_trace_event_init+0x34e/0x790 [ 989.975818][T11021] perf_uprobe_init+0xf5/0x140 [ 989.980653][T11021] perf_uprobe_event_init+0xde/0x140 [ 989.985951][T11021] perf_try_init_event+0x21a/0x400 [ 989.991071][T11021] perf_event_alloc+0xa60/0x1790 [ 989.996116][T11021] __se_sys_perf_event_open+0x5c7/0x2740 [ 990.001753][T11021] ? vfs_write+0x50c/0x770 [ 990.006208][T11021] __x64_sys_perf_event_open+0x63/0x70 [ 990.011722][T11021] do_syscall_64+0x3d/0x90 [ 990.016213][T11021] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 990.022135][T11021] RIP: 0033:0x4665d9 [ 990.026051][T11021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 990.045668][T11021] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 990.054153][T11021] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 990.062130][T11021] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 990.070102][T11021] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 990.078084][T11021] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 990.086070][T11021] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:21 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xfffffdfd, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:21 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x11\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:21 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x7a, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:21 executing program 4 (fault-call:1 fault-nth:49): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 990.430608][T11046] FAULT_INJECTION: forcing a failure. [ 990.430608][T11046] name failslab, interval 1, probability 0, space 0, times 0 [ 990.443334][T11046] CPU: 1 PID: 11046 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 990.451768][T11046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 990.461835][T11046] Call Trace: [ 990.465128][T11046] dump_stack_lvl+0xb7/0x103 [ 990.469793][T11046] dump_stack+0x11/0x1a [ 990.474178][T11046] should_fail+0x23c/0x250 [ 990.478615][T11046] __should_failslab+0x81/0x90 [ 990.483393][T11046] ? register_for_each_vma+0x372/0x890 [ 990.488862][T11046] should_failslab+0x5/0x20 [ 990.493462][T11046] kmem_cache_alloc_trace+0x49/0x310 [ 990.498768][T11046] ? register_for_each_vma+0x372/0x890 [ 990.504243][T11046] ? vma_interval_tree_iter_next+0x24c/0x280 [ 990.510240][T11046] register_for_each_vma+0x372/0x890 [ 990.515544][T11046] __uprobe_register+0x3f4/0x8a0 [ 990.520568][T11046] uprobe_register_refctr+0x29/0x40 [ 990.525784][T11046] probe_event_enable+0x2be/0x7d0 [ 990.530878][T11046] ? __uprobe_trace_func+0x430/0x430 [ 990.536189][T11046] trace_uprobe_register+0x88/0x410 [ 990.541444][T11046] perf_trace_event_init+0x34e/0x790 [ 990.546969][T11046] perf_uprobe_init+0xf5/0x140 [ 990.551765][T11046] perf_uprobe_event_init+0xde/0x140 [ 990.557071][T11046] perf_try_init_event+0x21a/0x400 [ 990.562210][T11046] perf_event_alloc+0xa60/0x1790 [ 990.567231][T11046] __se_sys_perf_event_open+0x5c7/0x2740 [ 990.572877][T11046] ? vfs_write+0x50c/0x770 [ 990.577311][T11046] __x64_sys_perf_event_open+0x63/0x70 [ 990.582870][T11046] do_syscall_64+0x3d/0x90 [ 990.587364][T11046] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 990.593359][T11046] RIP: 0033:0x4665d9 [ 990.597370][T11046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 990.617084][T11046] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:21 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0xff, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 990.625535][T11046] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 990.633578][T11046] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 990.641579][T11046] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 990.649651][T11046] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 990.657664][T11046] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:22 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xb00000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:22 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(0xffffffffffffffff, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:22 executing program 4 (fault-call:1 fault-nth:50): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:22 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 990.805204][T11072] FAULT_INJECTION: forcing a failure. [ 990.805204][T11072] name failslab, interval 1, probability 0, space 0, times 0 [ 990.817907][T11072] CPU: 0 PID: 11072 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 990.826329][T11072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 990.836409][T11072] Call Trace: [ 990.839721][T11072] dump_stack_lvl+0xb7/0x103 [ 990.844323][T11072] dump_stack+0x11/0x1a [ 990.848525][T11072] should_fail+0x23c/0x250 [ 990.852953][T11072] __should_failslab+0x81/0x90 [ 990.857721][T11072] ? register_for_each_vma+0x372/0x890 [ 990.863187][T11072] should_failslab+0x5/0x20 [ 990.867709][T11072] kmem_cache_alloc_trace+0x49/0x310 [ 990.873066][T11072] ? register_for_each_vma+0x372/0x890 [ 990.878577][T11072] ? vma_interval_tree_iter_next+0x263/0x280 [ 990.884572][T11072] register_for_each_vma+0x372/0x890 [ 990.889871][T11072] __uprobe_register+0x3f4/0x8a0 [ 990.894819][T11072] uprobe_register_refctr+0x29/0x40 [ 990.900023][T11072] probe_event_enable+0x2be/0x7d0 [ 990.905050][T11072] ? __uprobe_trace_func+0x430/0x430 [ 990.910377][T11072] trace_uprobe_register+0x88/0x410 [ 990.915619][T11072] perf_trace_event_init+0x34e/0x790 [ 990.920924][T11072] perf_uprobe_init+0xf5/0x140 [ 990.925695][T11072] perf_uprobe_event_init+0xde/0x140 [ 990.931071][T11072] perf_try_init_event+0x21a/0x400 [ 990.936193][T11072] perf_event_alloc+0xa60/0x1790 [ 990.941147][T11072] __se_sys_perf_event_open+0x5c7/0x2740 [ 990.946852][T11072] ? vfs_write+0x50c/0x770 [ 990.951271][T11072] __x64_sys_perf_event_open+0x63/0x70 [ 990.956744][T11072] do_syscall_64+0x3d/0x90 [ 990.961254][T11072] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 990.967207][T11072] RIP: 0033:0x4665d9 [ 990.971103][T11072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 990.990762][T11072] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:22 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x12\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:22 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(0xffffffffffffffff, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 990.999193][T11072] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 991.007275][T11072] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 991.015261][T11072] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 991.023261][T11072] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 991.031308][T11072] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:22 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:22 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xffffff7f, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:22 executing program 4 (fault-call:1 fault-nth:51): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:22 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(0xffffffffffffffff, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:22 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:22 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x03 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 991.288370][T11107] FAULT_INJECTION: forcing a failure. [ 991.288370][T11107] name failslab, interval 1, probability 0, space 0, times 0 [ 991.301075][T11107] CPU: 1 PID: 11107 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 991.309517][T11107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 991.319579][T11107] Call Trace: [ 991.322878][T11107] dump_stack_lvl+0xb7/0x103 [ 991.327574][T11107] dump_stack+0x11/0x1a [ 991.331803][T11107] should_fail+0x23c/0x250 [ 991.336230][T11107] __should_failslab+0x81/0x90 [ 991.340999][T11107] ? register_for_each_vma+0x372/0x890 [ 991.346569][T11107] should_failslab+0x5/0x20 [ 991.351074][T11107] kmem_cache_alloc_trace+0x49/0x310 [ 991.356373][T11107] ? register_for_each_vma+0x372/0x890 [ 991.361834][T11107] ? vma_interval_tree_iter_next+0x263/0x280 [ 991.367966][T11107] register_for_each_vma+0x372/0x890 [ 991.373280][T11107] __uprobe_register+0x3f4/0x8a0 [ 991.378217][T11107] uprobe_register_refctr+0x29/0x40 [ 991.383424][T11107] probe_event_enable+0x2be/0x7d0 [ 991.388452][T11107] ? __uprobe_trace_func+0x430/0x430 [ 991.393744][T11107] trace_uprobe_register+0x88/0x410 [ 991.398951][T11107] perf_trace_event_init+0x34e/0x790 [ 991.404247][T11107] perf_uprobe_init+0xf5/0x140 [ 991.409021][T11107] perf_uprobe_event_init+0xde/0x140 [ 991.414316][T11107] perf_try_init_event+0x21a/0x400 [ 991.419434][T11107] perf_event_alloc+0xa60/0x1790 [ 991.424379][T11107] __se_sys_perf_event_open+0x5c7/0x2740 [ 991.430085][T11107] ? vfs_write+0x50c/0x770 [ 991.434511][T11107] __x64_sys_perf_event_open+0x63/0x70 [ 991.439969][T11107] do_syscall_64+0x3d/0x90 [ 991.444398][T11107] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 991.450296][T11107] RIP: 0033:0x4665d9 [ 991.454229][T11107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 991.473847][T11107] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 991.482332][T11107] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 991.490313][T11107] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 991.498363][T11107] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 991.506395][T11107] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 991.514382][T11107] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:23 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xc00000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:23 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:23 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x6, 0x0, 0x0) tkill(0x0, 0x7) 10:48:23 executing program 4 (fault-call:1 fault-nth:52): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:23 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x05 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 991.735564][T11140] FAULT_INJECTION: forcing a failure. [ 991.735564][T11140] name failslab, interval 1, probability 0, space 0, times 0 [ 991.748247][T11140] CPU: 0 PID: 11140 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 991.756672][T11140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 991.766734][T11140] Call Trace: [ 991.770018][T11140] dump_stack_lvl+0xb7/0x103 [ 991.774621][T11140] dump_stack+0x11/0x1a [ 991.778876][T11140] should_fail+0x23c/0x250 [ 991.783329][T11140] __should_failslab+0x81/0x90 [ 991.788228][T11140] ? register_for_each_vma+0x372/0x890 [ 991.793732][T11140] should_failslab+0x5/0x20 [ 991.798243][T11140] kmem_cache_alloc_trace+0x49/0x310 [ 991.803546][T11140] ? register_for_each_vma+0x372/0x890 [ 991.809097][T11140] ? vma_interval_tree_iter_next+0x263/0x280 [ 991.815091][T11140] register_for_each_vma+0x372/0x890 [ 991.820382][T11140] __uprobe_register+0x3f4/0x8a0 [ 991.825402][T11140] uprobe_register_refctr+0x29/0x40 [ 991.830607][T11140] probe_event_enable+0x2be/0x7d0 [ 991.835630][T11140] ? __uprobe_trace_func+0x430/0x430 [ 991.840920][T11140] trace_uprobe_register+0x88/0x410 [ 991.846121][T11140] perf_trace_event_init+0x34e/0x790 [ 991.851415][T11140] perf_uprobe_init+0xf5/0x140 [ 991.856226][T11140] perf_uprobe_event_init+0xde/0x140 [ 991.861533][T11140] perf_try_init_event+0x21a/0x400 [ 991.866713][T11140] perf_event_alloc+0xa60/0x1790 [ 991.871686][T11140] __se_sys_perf_event_open+0x5c7/0x2740 [ 991.877331][T11140] ? vfs_write+0x50c/0x770 [ 991.881787][T11140] __x64_sys_perf_event_open+0x63/0x70 [ 991.887326][T11140] do_syscall_64+0x3d/0x90 [ 991.891795][T11140] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 991.897698][T11140] RIP: 0033:0x4665d9 [ 991.901589][T11140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 991.921300][T11140] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:23 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 991.929802][T11140] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 991.937828][T11140] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 991.945910][T11140] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 991.954101][T11140] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 991.962114][T11140] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:23 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:23 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xfffffff6, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:23 executing program 4 (fault-call:1 fault-nth:53): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:23 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:23 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x06 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 992.222588][T11178] FAULT_INJECTION: forcing a failure. [ 992.222588][T11178] name failslab, interval 1, probability 0, space 0, times 0 [ 992.235292][T11178] CPU: 0 PID: 11178 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 992.243718][T11178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 992.253866][T11178] Call Trace: [ 992.257152][T11178] dump_stack_lvl+0xb7/0x103 [ 992.261758][T11178] dump_stack+0x11/0x1a [ 992.265941][T11178] should_fail+0x23c/0x250 [ 992.270361][T11178] __should_failslab+0x81/0x90 [ 992.275153][T11178] ? register_for_each_vma+0x372/0x890 [ 992.280681][T11178] should_failslab+0x5/0x20 [ 992.285191][T11178] kmem_cache_alloc_trace+0x49/0x310 [ 992.290581][T11178] ? register_for_each_vma+0x372/0x890 [ 992.296076][T11178] ? vma_interval_tree_iter_next+0x263/0x280 [ 992.302084][T11178] register_for_each_vma+0x372/0x890 [ 992.307385][T11178] __uprobe_register+0x3f4/0x8a0 [ 992.312323][T11178] uprobe_register_refctr+0x29/0x40 [ 992.317598][T11178] probe_event_enable+0x2be/0x7d0 [ 992.322637][T11178] ? __uprobe_trace_func+0x430/0x430 [ 992.327935][T11178] trace_uprobe_register+0x88/0x410 [ 992.333139][T11178] perf_trace_event_init+0x34e/0x790 [ 992.338440][T11178] perf_uprobe_init+0xf5/0x140 [ 992.343228][T11178] perf_uprobe_event_init+0xde/0x140 [ 992.348530][T11178] perf_try_init_event+0x21a/0x400 [ 992.353660][T11178] perf_event_alloc+0xa60/0x1790 [ 992.358614][T11178] __se_sys_perf_event_open+0x5c7/0x2740 [ 992.364382][T11178] ? vfs_write+0x50c/0x770 [ 992.368802][T11178] __x64_sys_perf_event_open+0x63/0x70 [ 992.374272][T11178] do_syscall_64+0x3d/0x90 [ 992.378752][T11178] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 992.384672][T11178] RIP: 0033:0x4665d9 [ 992.388578][T11178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 992.408206][T11178] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a 10:48:23 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 992.416660][T11178] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 992.424645][T11178] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 992.432635][T11178] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 992.440622][T11178] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 992.448609][T11178] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:23 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xd00000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:23 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x6, 0x0, 0x0) tkill(0x0, 0x7) 10:48:24 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:24 executing program 4 (fault-call:1 fault-nth:54): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:24 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\a \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 992.774519][T11211] FAULT_INJECTION: forcing a failure. [ 992.774519][T11211] name failslab, interval 1, probability 0, space 0, times 0 [ 992.787486][T11211] CPU: 0 PID: 11211 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 992.795956][T11211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 992.806030][T11211] Call Trace: [ 992.809323][T11211] dump_stack_lvl+0xb7/0x103 [ 992.813956][T11211] dump_stack+0x11/0x1a [ 992.818157][T11211] should_fail+0x23c/0x250 [ 992.822627][T11211] __should_failslab+0x81/0x90 [ 992.827477][T11211] ? register_for_each_vma+0x372/0x890 [ 992.833615][T11211] should_failslab+0x5/0x20 [ 992.838162][T11211] kmem_cache_alloc_trace+0x49/0x310 [ 992.843509][T11211] ? vma_interval_tree_iter_next+0x24c/0x280 [ 992.849549][T11211] register_for_each_vma+0x372/0x890 [ 992.854883][T11211] uprobe_apply+0x8b/0x260 [ 992.859373][T11211] ? __uprobe_trace_func+0x430/0x430 [ 992.864853][T11211] trace_uprobe_register+0x2b6/0x410 [ 992.870151][T11211] perf_trace_event_init+0xf8/0x790 [ 992.875362][T11211] perf_uprobe_init+0xf5/0x140 [ 992.880139][T11211] perf_uprobe_event_init+0xde/0x140 [ 992.885439][T11211] perf_try_init_event+0x21a/0x400 [ 992.890712][T11211] perf_event_alloc+0xa60/0x1790 [ 992.895681][T11211] __se_sys_perf_event_open+0x5c7/0x2740 [ 992.901353][T11211] ? vfs_write+0x50c/0x770 [ 992.905777][T11211] __x64_sys_perf_event_open+0x63/0x70 [ 992.911243][T11211] do_syscall_64+0x3d/0x90 [ 992.915698][T11211] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 992.921775][T11211] RIP: 0033:0x4665d9 [ 992.925671][T11211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 992.945805][T11211] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 992.954256][T11211] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 992.962233][T11211] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:24 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 992.970236][T11211] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 992.978231][T11211] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 992.986206][T11211] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:24 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xfffffffe, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:24 executing program 4 (fault-call:1 fault-nth:55): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:24 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:24 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\t \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 993.243860][T11241] FAULT_INJECTION: forcing a failure. [ 993.243860][T11241] name failslab, interval 1, probability 0, space 0, times 0 [ 993.256552][T11241] CPU: 0 PID: 11241 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 993.264976][T11241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 993.275071][T11241] Call Trace: [ 993.278347][T11241] dump_stack_lvl+0xb7/0x103 [ 993.282972][T11241] dump_stack+0x11/0x1a [ 993.287208][T11241] should_fail+0x23c/0x250 [ 993.291632][T11241] __should_failslab+0x81/0x90 [ 993.296390][T11241] ? register_for_each_vma+0x372/0x890 [ 993.301996][T11241] should_failslab+0x5/0x20 [ 993.306505][T11241] kmem_cache_alloc_trace+0x49/0x310 [ 993.311891][T11241] ? register_for_each_vma+0x372/0x890 [ 993.317349][T11241] ? vma_interval_tree_iter_next+0x263/0x280 [ 993.323336][T11241] register_for_each_vma+0x372/0x890 [ 993.328626][T11241] uprobe_apply+0x8b/0x260 [ 993.333073][T11241] ? __uprobe_trace_func+0x430/0x430 [ 993.338443][T11241] trace_uprobe_register+0x2b6/0x410 [ 993.343732][T11241] perf_trace_event_init+0xf8/0x790 [ 993.348992][T11241] perf_uprobe_init+0xf5/0x140 [ 993.353774][T11241] perf_uprobe_event_init+0xde/0x140 [ 993.359168][T11241] perf_try_init_event+0x21a/0x400 [ 993.364343][T11241] perf_event_alloc+0xa60/0x1790 [ 993.369290][T11241] __se_sys_perf_event_open+0x5c7/0x2740 [ 993.374943][T11241] ? vfs_write+0x50c/0x770 [ 993.379414][T11241] __x64_sys_perf_event_open+0x63/0x70 [ 993.384882][T11241] do_syscall_64+0x3d/0x90 [ 993.389307][T11241] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 993.395353][T11241] RIP: 0033:0x4665d9 [ 993.399352][T11241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 993.418977][T11241] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 993.427404][T11241] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 993.435550][T11241] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:24 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:24 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x6, 0x0, 0x0) tkill(0x0, 0x7) [ 993.443519][T11241] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 993.451486][T11241] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 993.459456][T11241] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:24 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xe00000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:24 executing program 4 (fault-call:1 fault-nth:56): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:24 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:24 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\n \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 993.651855][T11272] FAULT_INJECTION: forcing a failure. [ 993.651855][T11272] name failslab, interval 1, probability 0, space 0, times 0 [ 993.664591][T11272] CPU: 0 PID: 11272 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 993.673015][T11272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 993.683077][T11272] Call Trace: [ 993.686363][T11272] dump_stack_lvl+0xb7/0x103 [ 993.691004][T11272] dump_stack+0x11/0x1a [ 993.695235][T11272] should_fail+0x23c/0x250 [ 993.699660][T11272] __should_failslab+0x81/0x90 [ 993.704427][T11272] ? register_for_each_vma+0x372/0x890 [ 993.709911][T11272] should_failslab+0x5/0x20 [ 993.714432][T11272] kmem_cache_alloc_trace+0x49/0x310 [ 993.719793][T11272] ? register_for_each_vma+0x372/0x890 [ 993.725262][T11272] ? vma_interval_tree_iter_next+0x263/0x280 [ 993.731274][T11272] register_for_each_vma+0x372/0x890 [ 993.736572][T11272] uprobe_apply+0x8b/0x260 [ 993.741000][T11272] ? __uprobe_trace_func+0x430/0x430 [ 993.746373][T11272] trace_uprobe_register+0x2b6/0x410 [ 993.751751][T11272] perf_trace_event_init+0xf8/0x790 [ 993.757060][T11272] perf_uprobe_init+0xf5/0x140 [ 993.761877][T11272] perf_uprobe_event_init+0xde/0x140 [ 993.767195][T11272] perf_try_init_event+0x21a/0x400 [ 993.772355][T11272] perf_event_alloc+0xa60/0x1790 [ 993.777300][T11272] __se_sys_perf_event_open+0x5c7/0x2740 [ 993.782944][T11272] ? vfs_write+0x50c/0x770 [ 993.787415][T11272] __x64_sys_perf_event_open+0x63/0x70 [ 993.792894][T11272] do_syscall_64+0x3d/0x90 [ 993.797406][T11272] ? irqentry_exit+0xe/0x30 [ 993.801913][T11272] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 993.807893][T11272] RIP: 0033:0x4665d9 [ 993.811791][T11272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 993.831399][T11272] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 993.839850][T11272] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 10:48:25 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:25 executing program 4 (fault-call:1 fault-nth:57): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 993.847835][T11272] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 993.855842][T11272] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 993.863839][T11272] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 993.871915][T11272] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 [ 993.971794][T11294] FAULT_INJECTION: forcing a failure. [ 993.971794][T11294] name failslab, interval 1, probability 0, space 0, times 0 [ 993.984604][T11294] CPU: 1 PID: 11294 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 993.993147][T11294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 994.003202][T11294] Call Trace: [ 994.006479][T11294] dump_stack_lvl+0xb7/0x103 [ 994.011124][T11294] dump_stack+0x11/0x1a [ 994.015436][T11294] should_fail+0x23c/0x250 [ 994.019858][T11294] __should_failslab+0x81/0x90 [ 994.024673][T11294] ? register_for_each_vma+0x372/0x890 [ 994.030184][T11294] should_failslab+0x5/0x20 [ 994.034691][T11294] kmem_cache_alloc_trace+0x49/0x310 [ 994.040020][T11294] ? register_for_each_vma+0x372/0x890 [ 994.045480][T11294] ? vma_interval_tree_iter_next+0x24c/0x280 [ 994.051547][T11294] register_for_each_vma+0x372/0x890 [ 994.056847][T11294] uprobe_apply+0x8b/0x260 [ 994.061309][T11294] ? __uprobe_trace_func+0x430/0x430 [ 994.066657][T11294] trace_uprobe_register+0x2b6/0x410 [ 994.071938][T11294] perf_trace_event_init+0xf8/0x790 [ 994.077145][T11294] perf_uprobe_init+0xf5/0x140 [ 994.081979][T11294] perf_uprobe_event_init+0xde/0x140 [ 994.087270][T11294] perf_try_init_event+0x21a/0x400 [ 994.092416][T11294] perf_event_alloc+0xa60/0x1790 [ 994.097359][T11294] __se_sys_perf_event_open+0x5c7/0x2740 [ 994.102990][T11294] ? vfs_write+0x50c/0x770 [ 994.107413][T11294] __x64_sys_perf_event_open+0x63/0x70 [ 994.112944][T11294] do_syscall_64+0x3d/0x90 [ 994.117370][T11294] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 994.123281][T11294] RIP: 0033:0x4665d9 [ 994.127173][T11294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 994.146892][T11294] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 994.155349][T11294] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 994.163321][T11294] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:25 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x225c17d03, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:25 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:25 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\v \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 994.171298][T11294] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 994.179285][T11294] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 994.187348][T11294] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:25 executing program 4 (fault-call:1 fault-nth:58): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 994.277527][T11313] FAULT_INJECTION: forcing a failure. [ 994.277527][T11313] name failslab, interval 1, probability 0, space 0, times 0 [ 994.290254][T11313] CPU: 1 PID: 11313 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 994.298690][T11313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 994.308787][T11313] Call Trace: [ 994.312062][T11313] dump_stack_lvl+0xb7/0x103 [ 994.316697][T11313] dump_stack+0x11/0x1a [ 994.320853][T11313] should_fail+0x23c/0x250 [ 994.325283][T11313] __should_failslab+0x81/0x90 [ 994.330050][T11313] ? register_for_each_vma+0x372/0x890 [ 994.335579][T11313] should_failslab+0x5/0x20 [ 994.340084][T11313] kmem_cache_alloc_trace+0x49/0x310 [ 994.345375][T11313] ? register_for_each_vma+0x372/0x890 [ 994.350877][T11313] ? vma_interval_tree_iter_next+0x263/0x280 [ 994.356882][T11313] register_for_each_vma+0x372/0x890 [ 994.362170][T11313] uprobe_apply+0x8b/0x260 [ 994.366590][T11313] ? __uprobe_trace_func+0x430/0x430 [ 994.371902][T11313] trace_uprobe_register+0x2b6/0x410 [ 994.377180][T11313] perf_trace_event_init+0xf8/0x790 [ 994.382391][T11313] perf_uprobe_init+0xf5/0x140 [ 994.387181][T11313] perf_uprobe_event_init+0xde/0x140 [ 994.392484][T11313] perf_try_init_event+0x21a/0x400 [ 994.397606][T11313] perf_event_alloc+0xa60/0x1790 [ 994.402560][T11313] __se_sys_perf_event_open+0x5c7/0x2740 [ 994.408196][T11313] ? vfs_write+0x50c/0x770 [ 994.412614][T11313] __x64_sys_perf_event_open+0x63/0x70 [ 994.418087][T11313] do_syscall_64+0x3d/0x90 10:48:25 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 994.422520][T11313] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 994.428511][T11313] RIP: 0033:0x4665d9 [ 994.432401][T11313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 994.452221][T11313] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 994.460653][T11313] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 994.468628][T11313] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:25 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x104, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 994.476607][T11313] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 994.484561][T11313] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 994.492978][T11313] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:25 executing program 4 (fault-call:1 fault-nth:59): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:25 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xf00000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:25 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 994.641861][T11340] FAULT_INJECTION: forcing a failure. [ 994.641861][T11340] name failslab, interval 1, probability 0, space 0, times 0 [ 994.654570][T11340] CPU: 0 PID: 11340 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 994.663157][T11340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 994.673211][T11340] Call Trace: [ 994.676518][T11340] dump_stack_lvl+0xb7/0x103 [ 994.681114][T11340] dump_stack+0x11/0x1a [ 994.685341][T11340] should_fail+0x23c/0x250 [ 994.689814][T11340] __should_failslab+0x81/0x90 [ 994.694581][T11340] ? register_for_each_vma+0x372/0x890 [ 994.700040][T11340] should_failslab+0x5/0x20 [ 994.704553][T11340] kmem_cache_alloc_trace+0x49/0x310 [ 994.709851][T11340] ? register_for_each_vma+0x372/0x890 [ 994.715332][T11340] ? vma_interval_tree_iter_next+0x24c/0x280 [ 994.721366][T11340] register_for_each_vma+0x372/0x890 [ 994.726659][T11340] uprobe_apply+0x8b/0x260 [ 994.731145][T11340] ? __uprobe_trace_func+0x430/0x430 [ 994.736441][T11340] trace_uprobe_register+0x2b6/0x410 [ 994.742267][T11340] perf_trace_event_init+0xf8/0x790 [ 994.747543][T11340] perf_uprobe_init+0xf5/0x140 [ 994.752320][T11340] perf_uprobe_event_init+0xde/0x140 [ 994.757682][T11340] perf_try_init_event+0x21a/0x400 [ 994.762807][T11340] perf_event_alloc+0xa60/0x1790 [ 994.767783][T11340] __se_sys_perf_event_open+0x5c7/0x2740 [ 994.773471][T11340] ? vfs_write+0x50c/0x770 [ 994.777886][T11340] __x64_sys_perf_event_open+0x63/0x70 [ 994.783656][T11340] do_syscall_64+0x3d/0x90 [ 994.788173][T11340] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 994.794102][T11340] RIP: 0033:0x4665d9 [ 994.797998][T11340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 994.817614][T11340] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 994.826107][T11340] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 994.834091][T11340] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:26 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\f \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 994.842080][T11340] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 994.850069][T11340] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 994.858047][T11340] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:26 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:26 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x80000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:26 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:26 executing program 4 (fault-call:1 fault-nth:60): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:26 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8c02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 995.411467][T11370] FAULT_INJECTION: forcing a failure. [ 995.411467][T11370] name failslab, interval 1, probability 0, space 0, times 0 [ 995.424274][T11370] CPU: 1 PID: 11370 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 995.432702][T11370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 995.442785][T11370] Call Trace: [ 995.446120][T11370] dump_stack_lvl+0xb7/0x103 [ 995.450939][T11370] dump_stack+0x11/0x1a [ 995.455180][T11370] should_fail+0x23c/0x250 [ 995.459603][T11370] __should_failslab+0x81/0x90 [ 995.464461][T11370] ? register_for_each_vma+0x372/0x890 [ 995.469929][T11370] should_failslab+0x5/0x20 [ 995.474433][T11370] kmem_cache_alloc_trace+0x49/0x310 [ 995.479729][T11370] ? register_for_each_vma+0x372/0x890 [ 995.485250][T11370] ? vma_interval_tree_iter_next+0x24c/0x280 [ 995.491319][T11370] register_for_each_vma+0x372/0x890 [ 995.496638][T11370] uprobe_apply+0x8b/0x260 [ 995.501066][T11370] ? __uprobe_trace_func+0x430/0x430 [ 995.506364][T11370] trace_uprobe_register+0x2b6/0x410 10:48:26 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 995.511654][T11370] perf_trace_event_init+0xf8/0x790 [ 995.516859][T11370] perf_uprobe_init+0xf5/0x140 [ 995.521630][T11370] perf_uprobe_event_init+0xde/0x140 [ 995.526949][T11370] perf_try_init_event+0x21a/0x400 [ 995.532071][T11370] perf_event_alloc+0xa60/0x1790 [ 995.537130][T11370] __se_sys_perf_event_open+0x5c7/0x2740 [ 995.542774][T11370] ? vfs_write+0x50c/0x770 [ 995.547260][T11370] __x64_sys_perf_event_open+0x63/0x70 [ 995.552992][T11370] do_syscall_64+0x3d/0x90 [ 995.557436][T11370] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 995.563348][T11370] RIP: 0033:0x4665d9 [ 995.567245][T11370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 995.586906][T11370] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 995.595421][T11370] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 995.603517][T11370] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:26 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xfffffffffffffff, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) [ 995.611517][T11370] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 995.619563][T11370] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 995.627598][T11370] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:27 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8d02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:27 executing program 4 (fault-call:1 fault-nth:61): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 995.764336][T11392] FAULT_INJECTION: forcing a failure. [ 995.764336][T11392] name failslab, interval 1, probability 0, space 0, times 0 [ 995.777103][T11392] CPU: 0 PID: 11392 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 995.785522][T11392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 995.795578][T11392] Call Trace: [ 995.798858][T11392] dump_stack_lvl+0xb7/0x103 [ 995.803539][T11392] dump_stack+0x11/0x1a [ 995.807703][T11392] should_fail+0x23c/0x250 [ 995.812124][T11392] __should_failslab+0x81/0x90 [ 995.816938][T11392] ? register_for_each_vma+0x372/0x890 [ 995.822412][T11392] should_failslab+0x5/0x20 [ 995.826921][T11392] kmem_cache_alloc_trace+0x49/0x310 [ 995.832259][T11392] ? register_for_each_vma+0x372/0x890 [ 995.837726][T11392] ? vma_interval_tree_iter_next+0x24c/0x280 [ 995.843777][T11392] register_for_each_vma+0x372/0x890 [ 995.849174][T11392] uprobe_apply+0x8b/0x260 [ 995.853726][T11392] ? __uprobe_trace_func+0x430/0x430 [ 995.859130][T11392] trace_uprobe_register+0x2b6/0x410 [ 995.864434][T11392] perf_trace_event_init+0xf8/0x790 [ 995.869654][T11392] perf_uprobe_init+0xf5/0x140 [ 995.874438][T11392] perf_uprobe_event_init+0xde/0x140 [ 995.879769][T11392] perf_try_init_event+0x21a/0x400 [ 995.884895][T11392] perf_event_alloc+0xa60/0x1790 [ 995.889831][T11392] __se_sys_perf_event_open+0x5c7/0x2740 [ 995.895496][T11392] ? vfs_write+0x50c/0x770 [ 995.900084][T11392] __x64_sys_perf_event_open+0x63/0x70 [ 995.905580][T11392] do_syscall_64+0x3d/0x90 [ 995.910000][T11392] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 995.915899][T11392] RIP: 0033:0x4665d9 [ 995.919790][T11392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 995.939418][T11392] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 995.947842][T11392] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 995.955831][T11392] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:27 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:27 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\r \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:27 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x9602, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 995.963821][T11392] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 995.971798][T11392] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 995.979777][T11392] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:27 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x1000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:27 executing program 4 (fault-call:1 fault-nth:62): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:27 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x9702, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 996.296089][T11421] FAULT_INJECTION: forcing a failure. [ 996.296089][T11421] name failslab, interval 1, probability 0, space 0, times 0 [ 996.308812][T11421] CPU: 0 PID: 11421 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 996.317244][T11421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 996.327311][T11421] Call Trace: [ 996.330596][T11421] dump_stack_lvl+0xb7/0x103 [ 996.335249][T11421] dump_stack+0x11/0x1a [ 996.339502][T11421] should_fail+0x23c/0x250 [ 996.343987][T11421] __should_failslab+0x81/0x90 [ 996.348751][T11421] ? register_for_each_vma+0x372/0x890 [ 996.354226][T11421] should_failslab+0x5/0x20 [ 996.358739][T11421] kmem_cache_alloc_trace+0x49/0x310 [ 996.364088][T11421] ? register_for_each_vma+0x372/0x890 [ 996.369615][T11421] ? vma_interval_tree_iter_next+0x24c/0x280 [ 996.375689][T11421] register_for_each_vma+0x372/0x890 [ 996.380992][T11421] uprobe_apply+0x8b/0x260 [ 996.385515][T11421] ? __uprobe_trace_func+0x430/0x430 [ 996.390823][T11421] trace_uprobe_register+0x2b6/0x410 [ 996.396120][T11421] perf_trace_event_init+0xf8/0x790 [ 996.401344][T11421] perf_uprobe_init+0xf5/0x140 [ 996.406128][T11421] perf_uprobe_event_init+0xde/0x140 [ 996.411426][T11421] perf_try_init_event+0x21a/0x400 [ 996.416550][T11421] perf_event_alloc+0xa60/0x1790 [ 996.421498][T11421] __se_sys_perf_event_open+0x5c7/0x2740 [ 996.427143][T11421] ? vfs_write+0x50c/0x770 [ 996.431572][T11421] __x64_sys_perf_event_open+0x63/0x70 [ 996.437050][T11421] do_syscall_64+0x3d/0x90 [ 996.441503][T11421] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 996.447473][T11421] RIP: 0033:0x4665d9 [ 996.451376][T11421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 996.471024][T11421] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 996.479453][T11421] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 996.487434][T11421] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:27 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 996.495422][T11421] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 996.503408][T11421] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 996.511391][T11421] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:27 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x1000000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:27 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xb202, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:27 executing program 4 (fault-call:1 fault-nth:63): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:28 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x0e \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 996.699656][T11447] FAULT_INJECTION: forcing a failure. [ 996.699656][T11447] name failslab, interval 1, probability 0, space 0, times 0 [ 996.712350][T11447] CPU: 1 PID: 11447 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 996.720910][T11447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 996.731093][T11447] Call Trace: [ 996.734397][T11447] dump_stack_lvl+0xb7/0x103 [ 996.739008][T11447] dump_stack+0x11/0x1a [ 996.743181][T11447] should_fail+0x23c/0x250 [ 996.747621][T11447] __should_failslab+0x81/0x90 [ 996.752395][T11447] ? register_for_each_vma+0x372/0x890 [ 996.757865][T11447] should_failslab+0x5/0x20 [ 996.762387][T11447] kmem_cache_alloc_trace+0x49/0x310 [ 996.767685][T11447] ? register_for_each_vma+0x372/0x890 [ 996.773161][T11447] ? vma_interval_tree_iter_next+0x24c/0x280 [ 996.779151][T11447] register_for_each_vma+0x372/0x890 [ 996.784439][T11447] uprobe_apply+0x8b/0x260 [ 996.788861][T11447] ? __uprobe_trace_func+0x430/0x430 [ 996.794222][T11447] trace_uprobe_register+0x2b6/0x410 [ 996.799521][T11447] perf_trace_event_init+0xf8/0x790 [ 996.804786][T11447] perf_uprobe_init+0xf5/0x140 [ 996.809579][T11447] perf_uprobe_event_init+0xde/0x140 [ 996.814878][T11447] perf_try_init_event+0x21a/0x400 [ 996.820057][T11447] perf_event_alloc+0xa60/0x1790 [ 996.825008][T11447] __se_sys_perf_event_open+0x5c7/0x2740 [ 996.830694][T11447] ? vfs_write+0x50c/0x770 [ 996.835138][T11447] __x64_sys_perf_event_open+0x63/0x70 [ 996.840627][T11447] do_syscall_64+0x3d/0x90 [ 996.845062][T11447] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 996.850970][T11447] RIP: 0033:0x4665d9 [ 996.854870][T11447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 996.874595][T11447] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 996.883034][T11447] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 996.891036][T11447] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:28 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:28 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xb302, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 996.899013][T11447] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 996.906989][T11447] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 996.914964][T11447] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:28 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xb602, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:28 executing program 4 (fault-call:1 fault-nth:64): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 997.087743][T11476] FAULT_INJECTION: forcing a failure. [ 997.087743][T11476] name failslab, interval 1, probability 0, space 0, times 0 [ 997.100398][T11476] CPU: 1 PID: 11476 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 997.108914][T11476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 997.118965][T11476] Call Trace: [ 997.122239][T11476] dump_stack_lvl+0xb7/0x103 [ 997.126874][T11476] dump_stack+0x11/0x1a [ 997.131190][T11476] should_fail+0x23c/0x250 [ 997.135678][T11476] __should_failslab+0x81/0x90 [ 997.140452][T11476] ? register_for_each_vma+0x372/0x890 [ 997.145916][T11476] should_failslab+0x5/0x20 [ 997.150447][T11476] kmem_cache_alloc_trace+0x49/0x310 [ 997.155773][T11476] ? register_for_each_vma+0x372/0x890 [ 997.161329][T11476] ? vma_interval_tree_iter_next+0x263/0x280 [ 997.167432][T11476] register_for_each_vma+0x372/0x890 [ 997.172781][T11476] uprobe_apply+0x8b/0x260 [ 997.177224][T11476] ? __uprobe_trace_func+0x430/0x430 [ 997.182536][T11476] trace_uprobe_register+0x2b6/0x410 [ 997.187824][T11476] perf_trace_event_init+0xf8/0x790 [ 997.193066][T11476] perf_uprobe_init+0xf5/0x140 [ 997.197844][T11476] perf_uprobe_event_init+0xde/0x140 [ 997.203168][T11476] perf_try_init_event+0x21a/0x400 [ 997.208342][T11476] perf_event_alloc+0xa60/0x1790 [ 997.213305][T11476] __se_sys_perf_event_open+0x5c7/0x2740 [ 997.219030][T11476] ? vfs_write+0x50c/0x770 [ 997.223501][T11476] __x64_sys_perf_event_open+0x63/0x70 [ 997.228985][T11476] do_syscall_64+0x3d/0x90 [ 997.233414][T11476] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 997.239315][T11476] RIP: 0033:0x4665d9 [ 997.243216][T11476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 997.262932][T11476] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 997.271360][T11476] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 997.279362][T11476] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:28 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:28 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x11 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:28 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xb702, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:28 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r0 = gettid() r1 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x6, 0x0, 0x0) tkill(r0, 0x7) [ 997.287431][T11476] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 997.295515][T11476] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 997.303501][T11476] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:28 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x1100000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:28 executing program 4 (fault-call:1 fault-nth:65): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:28 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xb802, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:28 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x12 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:28 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xc002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 997.564636][T11521] FAULT_INJECTION: forcing a failure. [ 997.564636][T11521] name failslab, interval 1, probability 0, space 0, times 0 [ 997.577361][T11521] CPU: 1 PID: 11521 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 997.585856][T11521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 997.595916][T11521] Call Trace: [ 997.599302][T11521] dump_stack_lvl+0xb7/0x103 [ 997.603904][T11521] dump_stack+0x11/0x1a [ 997.608070][T11521] should_fail+0x23c/0x250 [ 997.612496][T11521] __should_failslab+0x81/0x90 [ 997.617283][T11521] ? register_for_each_vma+0x372/0x890 [ 997.622762][T11521] should_failslab+0x5/0x20 [ 997.627281][T11521] kmem_cache_alloc_trace+0x49/0x310 [ 997.632586][T11521] ? register_for_each_vma+0x372/0x890 [ 997.638056][T11521] ? vma_interval_tree_iter_next+0x24c/0x280 [ 997.644052][T11521] register_for_each_vma+0x372/0x890 [ 997.649355][T11521] uprobe_apply+0x8b/0x260 [ 997.653904][T11521] ? __uprobe_trace_func+0x430/0x430 [ 997.659321][T11521] trace_uprobe_register+0x2b6/0x410 [ 997.664628][T11521] perf_trace_event_init+0xf8/0x790 [ 997.669870][T11521] perf_uprobe_init+0xf5/0x140 [ 997.674660][T11521] perf_uprobe_event_init+0xde/0x140 [ 997.679962][T11521] perf_try_init_event+0x21a/0x400 [ 997.685092][T11521] perf_event_alloc+0xa60/0x1790 [ 997.690049][T11521] __se_sys_perf_event_open+0x5c7/0x2740 [ 997.695704][T11521] ? vfs_write+0x50c/0x770 [ 997.700134][T11521] __x64_sys_perf_event_open+0x63/0x70 [ 997.705598][T11521] do_syscall_64+0x3d/0x90 [ 997.710122][T11521] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 997.716031][T11521] RIP: 0033:0x4665d9 [ 997.719935][T11521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 997.739546][T11521] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 997.747984][T11521] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 997.756051][T11521] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:29 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r0 = gettid() r1 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x6, 0x0, 0x0) tkill(r0, 0x7) [ 997.764123][T11521] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 997.772136][T11521] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 997.780119][T11521] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:29 executing program 4 (fault-call:1 fault-nth:66): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 997.871411][T11536] FAULT_INJECTION: forcing a failure. [ 997.871411][T11536] name failslab, interval 1, probability 0, space 0, times 0 [ 997.884261][T11536] CPU: 0 PID: 11536 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 997.892691][T11536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 997.902852][T11536] Call Trace: [ 997.906160][T11536] dump_stack_lvl+0xb7/0x103 [ 997.910784][T11536] dump_stack+0x11/0x1a [ 997.914945][T11536] should_fail+0x23c/0x250 [ 997.919390][T11536] __should_failslab+0x81/0x90 [ 997.924154][T11536] ? register_for_each_vma+0x372/0x890 [ 997.929627][T11536] should_failslab+0x5/0x20 [ 997.934137][T11536] kmem_cache_alloc_trace+0x49/0x310 [ 997.939434][T11536] ? register_for_each_vma+0x372/0x890 [ 997.944894][T11536] ? vma_interval_tree_iter_next+0x24c/0x280 [ 997.950891][T11536] register_for_each_vma+0x372/0x890 [ 997.956245][T11536] uprobe_apply+0x8b/0x260 [ 997.960671][T11536] ? __uprobe_trace_func+0x430/0x430 [ 997.965968][T11536] trace_uprobe_register+0x2b6/0x410 [ 997.971320][T11536] perf_trace_event_init+0xf8/0x790 [ 997.976539][T11536] perf_uprobe_init+0xf5/0x140 [ 997.981389][T11536] perf_uprobe_event_init+0xde/0x140 [ 997.986695][T11536] perf_try_init_event+0x21a/0x400 [ 997.991822][T11536] perf_event_alloc+0xa60/0x1790 [ 997.996827][T11536] __se_sys_perf_event_open+0x5c7/0x2740 [ 998.002468][T11536] ? vfs_write+0x50c/0x770 [ 998.006889][T11536] __x64_sys_perf_event_open+0x63/0x70 [ 998.012355][T11536] do_syscall_64+0x3d/0x90 [ 998.016821][T11536] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 998.022737][T11536] RIP: 0033:0x4665d9 [ 998.026639][T11536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 998.046410][T11536] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 998.054901][T11536] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 998.062882][T11536] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:29 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0xc003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 998.070868][T11536] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 998.078858][T11536] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 998.086934][T11536] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:29 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x40000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:29 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r0 = gettid() r1 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x6, 0x0, 0x0) tkill(r0, 0x7) 10:48:29 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x02 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:29 executing program 4 (fault-call:1 fault-nth:67): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 998.284167][T11559] FAULT_INJECTION: forcing a failure. [ 998.284167][T11559] name failslab, interval 1, probability 0, space 0, times 0 [ 998.296849][T11559] CPU: 1 PID: 11559 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 998.305302][T11559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 998.315341][T11559] Call Trace: [ 998.318603][T11559] dump_stack_lvl+0xb7/0x103 [ 998.323192][T11559] dump_stack+0x11/0x1a [ 998.327374][T11559] should_fail+0x23c/0x250 [ 998.331833][T11559] __should_failslab+0x81/0x90 [ 998.336674][T11559] ? register_for_each_vma+0x372/0x890 [ 998.342139][T11559] should_failslab+0x5/0x20 [ 998.346724][T11559] kmem_cache_alloc_trace+0x49/0x310 [ 998.352094][T11559] ? register_for_each_vma+0x372/0x890 [ 998.357569][T11559] ? vma_interval_tree_iter_next+0x263/0x280 [ 998.363635][T11559] register_for_each_vma+0x372/0x890 [ 998.368928][T11559] uprobe_apply+0x8b/0x260 [ 998.373344][T11559] ? __uprobe_trace_func+0x430/0x430 [ 998.378657][T11559] trace_uprobe_register+0x2b6/0x410 [ 998.383948][T11559] perf_trace_event_init+0xf8/0x790 [ 998.389154][T11559] perf_uprobe_init+0xf5/0x140 [ 998.393934][T11559] perf_uprobe_event_init+0xde/0x140 [ 998.399223][T11559] perf_try_init_event+0x21a/0x400 [ 998.404340][T11559] perf_event_alloc+0xa60/0x1790 [ 998.409282][T11559] __se_sys_perf_event_open+0x5c7/0x2740 [ 998.415095][T11559] ? vfs_write+0x50c/0x770 [ 998.419595][T11559] __x64_sys_perf_event_open+0x63/0x70 [ 998.425065][T11559] do_syscall_64+0x3d/0x90 [ 998.429554][T11559] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 998.435492][T11559] RIP: 0033:0x4665d9 [ 998.439377][T11559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 998.458988][T11559] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 998.467421][T11559] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 998.475407][T11559] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 998.483381][T11559] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 998.491357][T11559] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 998.499335][T11559] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:29 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x1200000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:29 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:29 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:29 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:29 executing program 4 (fault-call:1 fault-nth:68): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:29 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 998.667740][T11596] FAULT_INJECTION: forcing a failure. [ 998.667740][T11596] name failslab, interval 1, probability 0, space 0, times 0 [ 998.680539][T11596] CPU: 0 PID: 11596 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 998.688965][T11596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 998.699066][T11596] Call Trace: [ 998.702349][T11596] dump_stack_lvl+0xb7/0x103 [ 998.706970][T11596] dump_stack+0x11/0x1a [ 998.711127][T11596] should_fail+0x23c/0x250 10:48:30 executing program 0: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 998.715554][T11596] __should_failslab+0x81/0x90 [ 998.720314][T11596] ? register_for_each_vma+0x372/0x890 [ 998.725770][T11596] should_failslab+0x5/0x20 [ 998.730269][T11596] kmem_cache_alloc_trace+0x49/0x310 [ 998.735588][T11596] ? register_for_each_vma+0x372/0x890 [ 998.741086][T11596] ? vma_interval_tree_iter_next+0x24c/0x280 [ 998.747095][T11596] register_for_each_vma+0x372/0x890 [ 998.752450][T11596] uprobe_apply+0x8b/0x260 [ 998.756864][T11596] ? __uprobe_trace_func+0x430/0x430 [ 998.762156][T11596] trace_uprobe_register+0x2b6/0x410 [ 998.767447][T11596] perf_trace_event_init+0xf8/0x790 [ 998.772680][T11596] perf_uprobe_init+0xf5/0x140 [ 998.777496][T11596] perf_uprobe_event_init+0xde/0x140 [ 998.782786][T11596] perf_try_init_event+0x21a/0x400 [ 998.788003][T11596] perf_event_alloc+0xa60/0x1790 [ 998.792957][T11596] __se_sys_perf_event_open+0x5c7/0x2740 [ 998.798600][T11596] ? vfs_write+0x50c/0x770 [ 998.803019][T11596] __x64_sys_perf_event_open+0x63/0x70 [ 998.808486][T11596] do_syscall_64+0x3d/0x90 [ 998.812918][T11596] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 998.818827][T11596] RIP: 0033:0x4665d9 [ 998.822724][T11596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 998.842384][T11596] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 998.850820][T11596] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 998.858809][T11596] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:30 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x03 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 998.866795][T11596] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 998.874800][T11596] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 998.882791][T11596] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:30 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x100000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:30 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:30 executing program 4 (fault-call:1 fault-nth:69): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:30 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x04 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 999.166705][T11632] FAULT_INJECTION: forcing a failure. [ 999.166705][T11632] name failslab, interval 1, probability 0, space 0, times 0 [ 999.179385][T11632] CPU: 0 PID: 11632 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 999.187808][T11632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 999.197949][T11632] Call Trace: [ 999.201235][T11632] dump_stack_lvl+0xb7/0x103 [ 999.205904][T11632] dump_stack+0x11/0x1a [ 999.210073][T11632] should_fail+0x23c/0x250 [ 999.214516][T11632] __should_failslab+0x81/0x90 [ 999.219286][T11632] ? register_for_each_vma+0x372/0x890 [ 999.224755][T11632] should_failslab+0x5/0x20 [ 999.229264][T11632] kmem_cache_alloc_trace+0x49/0x310 [ 999.234631][T11632] ? register_for_each_vma+0x372/0x890 [ 999.240184][T11632] ? vma_interval_tree_iter_next+0x263/0x280 [ 999.246178][T11632] register_for_each_vma+0x372/0x890 [ 999.251665][T11632] uprobe_apply+0x8b/0x260 [ 999.256104][T11632] ? __uprobe_trace_func+0x430/0x430 [ 999.261395][T11632] trace_uprobe_register+0x2b6/0x410 [ 999.266685][T11632] perf_trace_event_init+0xf8/0x790 [ 999.271916][T11632] perf_uprobe_init+0xf5/0x140 [ 999.276819][T11632] perf_uprobe_event_init+0xde/0x140 [ 999.282121][T11632] perf_try_init_event+0x21a/0x400 [ 999.287268][T11632] perf_event_alloc+0xa60/0x1790 [ 999.292209][T11632] __se_sys_perf_event_open+0x5c7/0x2740 [ 999.297908][T11632] ? vfs_write+0x50c/0x770 [ 999.302352][T11632] __x64_sys_perf_event_open+0x63/0x70 [ 999.307836][T11632] do_syscall_64+0x3d/0x90 [ 999.312261][T11632] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 999.318208][T11632] RIP: 0033:0x4665d9 [ 999.322125][T11632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 999.341977][T11632] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 999.350407][T11632] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 999.358417][T11632] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 999.366429][T11632] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 999.374416][T11632] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 999.382423][T11632] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:30 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x2000000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:30 executing program 0: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:30 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:30 executing program 4 (fault-call:1 fault-nth:70): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:30 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 999.572779][T11660] FAULT_INJECTION: forcing a failure. [ 999.572779][T11660] name failslab, interval 1, probability 0, space 0, times 0 [ 999.585524][T11660] CPU: 0 PID: 11660 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 999.593984][T11660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 999.604049][T11660] Call Trace: [ 999.607410][T11660] dump_stack_lvl+0xb7/0x103 [ 999.612004][T11660] dump_stack+0x11/0x1a [ 999.616168][T11660] should_fail+0x23c/0x250 [ 999.620589][T11660] __should_failslab+0x81/0x90 [ 999.625359][T11660] ? register_for_each_vma+0x372/0x890 [ 999.630831][T11660] should_failslab+0x5/0x20 [ 999.635342][T11660] kmem_cache_alloc_trace+0x49/0x310 [ 999.640644][T11660] ? register_for_each_vma+0x372/0x890 [ 999.646125][T11660] ? vma_interval_tree_iter_next+0x24c/0x280 [ 999.652120][T11660] register_for_each_vma+0x372/0x890 [ 999.657412][T11660] uprobe_apply+0x8b/0x260 [ 999.661831][T11660] ? __uprobe_trace_func+0x430/0x430 [ 999.667129][T11660] trace_uprobe_register+0x2b6/0x410 [ 999.672416][T11660] perf_trace_event_init+0xf8/0x790 [ 999.677717][T11660] perf_uprobe_init+0xf5/0x140 [ 999.682589][T11660] perf_uprobe_event_init+0xde/0x140 [ 999.687904][T11660] perf_try_init_event+0x21a/0x400 [ 999.693093][T11660] perf_event_alloc+0xa60/0x1790 [ 999.698104][T11660] __se_sys_perf_event_open+0x5c7/0x2740 [ 999.703850][T11660] ? vfs_write+0x50c/0x770 [ 999.708283][T11660] __x64_sys_perf_event_open+0x63/0x70 [ 999.713756][T11660] do_syscall_64+0x3d/0x90 [ 999.718214][T11660] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 999.724157][T11660] RIP: 0033:0x4665d9 [ 999.728059][T11660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 999.747852][T11660] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 999.756349][T11660] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 999.764411][T11660] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 999.772438][T11660] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 999.780417][T11660] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 999.788511][T11660] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:31 executing program 0: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:31 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x200000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:31 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x05 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:31 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:31 executing program 4 (fault-call:1 fault-nth:71): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1000.164980][T11687] FAULT_INJECTION: forcing a failure. [ 1000.164980][T11687] name failslab, interval 1, probability 0, space 0, times 0 [ 1000.177641][T11687] CPU: 1 PID: 11687 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1000.186081][T11687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1000.196146][T11687] Call Trace: [ 1000.199473][T11687] dump_stack_lvl+0xb7/0x103 [ 1000.204084][T11687] dump_stack+0x11/0x1a [ 1000.208263][T11687] should_fail+0x23c/0x250 [ 1000.212690][T11687] __should_failslab+0x81/0x90 [ 1000.217466][T11687] ? register_for_each_vma+0x372/0x890 [ 1000.222933][T11687] should_failslab+0x5/0x20 [ 1000.227442][T11687] kmem_cache_alloc_trace+0x49/0x310 [ 1000.232791][T11687] ? register_for_each_vma+0x372/0x890 [ 1000.238287][T11687] ? vma_interval_tree_iter_next+0x263/0x280 [ 1000.244370][T11687] register_for_each_vma+0x372/0x890 [ 1000.249682][T11687] uprobe_apply+0x8b/0x260 [ 1000.254190][T11687] ? __uprobe_trace_func+0x430/0x430 [ 1000.259532][T11687] trace_uprobe_register+0x2b6/0x410 [ 1000.264898][T11687] perf_trace_event_init+0xf8/0x790 [ 1000.270126][T11687] perf_uprobe_init+0xf5/0x140 [ 1000.274952][T11687] perf_uprobe_event_init+0xde/0x140 [ 1000.280268][T11687] perf_try_init_event+0x21a/0x400 [ 1000.285581][T11687] perf_event_alloc+0xa60/0x1790 [ 1000.290531][T11687] __se_sys_perf_event_open+0x5c7/0x2740 [ 1000.296192][T11687] ? vfs_write+0x50c/0x770 [ 1000.300746][T11687] __x64_sys_perf_event_open+0x63/0x70 [ 1000.306274][T11687] do_syscall_64+0x3d/0x90 [ 1000.310745][T11687] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1000.316658][T11687] RIP: 0033:0x4665d9 [ 1000.320598][T11687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1000.340210][T11687] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1000.348811][T11687] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1000.356794][T11687] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:31 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:31 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1000.364780][T11687] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1000.372944][T11687] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1000.380955][T11687] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:31 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x2010000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:31 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:31 executing program 4 (fault-call:1 fault-nth:72): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:31 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:31 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x06 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 1000.548152][T11718] FAULT_INJECTION: forcing a failure. [ 1000.548152][T11718] name failslab, interval 1, probability 0, space 0, times 0 [ 1000.560826][T11718] CPU: 0 PID: 11718 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1000.569249][T11718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1000.579396][T11718] Call Trace: [ 1000.582727][T11718] dump_stack_lvl+0xb7/0x103 [ 1000.587332][T11718] dump_stack+0x11/0x1a [ 1000.591509][T11718] should_fail+0x23c/0x250 [ 1000.595936][T11718] __should_failslab+0x81/0x90 [ 1000.600738][T11718] ? register_for_each_vma+0x372/0x890 [ 1000.606202][T11718] should_failslab+0x5/0x20 [ 1000.610721][T11718] kmem_cache_alloc_trace+0x49/0x310 [ 1000.616096][T11718] ? register_for_each_vma+0x372/0x890 [ 1000.621747][T11718] ? vma_interval_tree_iter_next+0x263/0x280 [ 1000.627751][T11718] register_for_each_vma+0x372/0x890 [ 1000.633069][T11718] uprobe_apply+0x8b/0x260 [ 1000.637487][T11718] ? __uprobe_trace_func+0x430/0x430 [ 1000.642785][T11718] trace_uprobe_register+0x2b6/0x410 [ 1000.648074][T11718] perf_trace_event_init+0xf8/0x790 [ 1000.653283][T11718] perf_uprobe_init+0xf5/0x140 [ 1000.658076][T11718] perf_uprobe_event_init+0xde/0x140 [ 1000.663389][T11718] perf_try_init_event+0x21a/0x400 [ 1000.668512][T11718] perf_event_alloc+0xa60/0x1790 [ 1000.673452][T11718] __se_sys_perf_event_open+0x5c7/0x2740 [ 1000.679090][T11718] ? vfs_write+0x50c/0x770 [ 1000.683514][T11718] __x64_sys_perf_event_open+0x63/0x70 [ 1000.689110][T11718] do_syscall_64+0x3d/0x90 [ 1000.693600][T11718] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1000.699511][T11718] RIP: 0033:0x4665d9 [ 1000.703410][T11718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1000.723052][T11718] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1000.731483][T11718] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1000.739471][T11718] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:32 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1000.747458][T11718] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1000.755443][T11718] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1000.763479][T11718] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:32 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x204000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:32 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:32 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:32 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:32 executing program 4 (fault-call:1 fault-nth:73): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:32 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\a \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 1001.071742][T11752] FAULT_INJECTION: forcing a failure. [ 1001.071742][T11752] name failslab, interval 1, probability 0, space 0, times 0 [ 1001.084519][T11752] CPU: 1 PID: 11752 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1001.092949][T11752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1001.103040][T11752] Call Trace: [ 1001.106324][T11752] dump_stack_lvl+0xb7/0x103 [ 1001.110995][T11752] dump_stack+0x11/0x1a [ 1001.115158][T11752] should_fail+0x23c/0x250 [ 1001.119599][T11752] __should_failslab+0x81/0x90 [ 1001.124441][T11752] ? register_for_each_vma+0x372/0x890 [ 1001.129918][T11752] should_failslab+0x5/0x20 [ 1001.134429][T11752] kmem_cache_alloc_trace+0x49/0x310 [ 1001.139727][T11752] ? register_for_each_vma+0x372/0x890 [ 1001.145209][T11752] ? vma_interval_tree_iter_next+0x263/0x280 [ 1001.151246][T11752] register_for_each_vma+0x372/0x890 [ 1001.156537][T11752] uprobe_apply+0x8b/0x260 [ 1001.160954][T11752] ? __uprobe_trace_func+0x430/0x430 [ 1001.166303][T11752] trace_uprobe_register+0x2b6/0x410 [ 1001.171595][T11752] perf_trace_event_init+0xf8/0x790 [ 1001.176864][T11752] perf_uprobe_init+0xf5/0x140 [ 1001.181652][T11752] perf_uprobe_event_init+0xde/0x140 [ 1001.186944][T11752] perf_try_init_event+0x21a/0x400 [ 1001.192064][T11752] perf_event_alloc+0xa60/0x1790 [ 1001.197020][T11752] __se_sys_perf_event_open+0x5c7/0x2740 [ 1001.202676][T11752] ? vfs_write+0x50c/0x770 [ 1001.207181][T11752] __x64_sys_perf_event_open+0x63/0x70 [ 1001.212684][T11752] do_syscall_64+0x3d/0x90 [ 1001.217106][T11752] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1001.223069][T11752] RIP: 0033:0x4665d9 [ 1001.226967][T11752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1001.246597][T11752] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1001.255026][T11752] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1001.263070][T11752] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1001.271056][T11752] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1001.279046][T11752] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1001.287202][T11752] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:32 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x2200000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:32 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:32 executing program 4 (fault-call:1 fault-nth:74): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:32 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\b \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 1001.426058][T11783] FAULT_INJECTION: forcing a failure. [ 1001.426058][T11783] name failslab, interval 1, probability 0, space 0, times 0 [ 1001.438771][T11783] CPU: 0 PID: 11783 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1001.447211][T11783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1001.457282][T11783] Call Trace: [ 1001.460567][T11783] dump_stack_lvl+0xb7/0x103 [ 1001.465240][T11783] dump_stack+0x11/0x1a [ 1001.469538][T11783] should_fail+0x23c/0x250 [ 1001.473971][T11783] __should_failslab+0x81/0x90 [ 1001.478739][T11783] ? register_for_each_vma+0x372/0x890 [ 1001.484211][T11783] should_failslab+0x5/0x20 [ 1001.488772][T11783] kmem_cache_alloc_trace+0x49/0x310 [ 1001.494164][T11783] ? register_for_each_vma+0x372/0x890 [ 1001.499630][T11783] ? vma_interval_tree_iter_next+0x24c/0x280 [ 1001.505642][T11783] register_for_each_vma+0x372/0x890 [ 1001.510991][T11783] uprobe_apply+0x8b/0x260 [ 1001.515420][T11783] ? __uprobe_trace_func+0x430/0x430 [ 1001.520784][T11783] trace_uprobe_register+0x2b6/0x410 [ 1001.526172][T11783] perf_trace_event_init+0xf8/0x790 [ 1001.531403][T11783] perf_uprobe_init+0xf5/0x140 [ 1001.536192][T11783] perf_uprobe_event_init+0xde/0x140 [ 1001.541493][T11783] perf_try_init_event+0x21a/0x400 [ 1001.546694][T11783] perf_event_alloc+0xa60/0x1790 [ 1001.551688][T11783] __se_sys_perf_event_open+0x5c7/0x2740 [ 1001.557332][T11783] ? vfs_write+0x50c/0x770 [ 1001.561791][T11783] __x64_sys_perf_event_open+0x63/0x70 [ 1001.567271][T11783] do_syscall_64+0x3d/0x90 [ 1001.571775][T11783] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1001.577740][T11783] RIP: 0033:0x4665d9 [ 1001.581644][T11783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1001.601447][T11783] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1001.609890][T11783] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1001.617874][T11783] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:32 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1001.625865][T11783] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1001.633869][T11783] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1001.641922][T11783] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:33 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:33 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x300000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:33 executing program 4 (fault-call:1 fault-nth:75): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:33 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:33 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\t \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 1001.880979][T11819] FAULT_INJECTION: forcing a failure. [ 1001.880979][T11819] name failslab, interval 1, probability 0, space 0, times 0 [ 1001.893759][T11819] CPU: 1 PID: 11819 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1001.902277][T11819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1001.912344][T11819] Call Trace: [ 1001.915636][T11819] dump_stack_lvl+0xb7/0x103 [ 1001.920318][T11819] dump_stack+0x11/0x1a [ 1001.924490][T11819] should_fail+0x23c/0x250 [ 1001.928933][T11819] __should_failslab+0x81/0x90 [ 1001.933712][T11819] ? register_for_each_vma+0x372/0x890 [ 1001.939192][T11819] should_failslab+0x5/0x20 [ 1001.943712][T11819] kmem_cache_alloc_trace+0x49/0x310 [ 1001.949048][T11819] ? register_for_each_vma+0x372/0x890 [ 1001.954533][T11819] ? vma_interval_tree_iter_next+0x24c/0x280 [ 1001.960544][T11819] register_for_each_vma+0x372/0x890 [ 1001.965930][T11819] uprobe_apply+0x8b/0x260 [ 1001.970369][T11819] ? __uprobe_trace_func+0x430/0x430 [ 1001.975682][T11819] trace_uprobe_register+0x2b6/0x410 [ 1001.981021][T11819] perf_trace_event_init+0xf8/0x790 [ 1001.986252][T11819] perf_uprobe_init+0xf5/0x140 [ 1001.991049][T11819] perf_uprobe_event_init+0xde/0x140 [ 1001.996359][T11819] perf_try_init_event+0x21a/0x400 [ 1002.001501][T11819] perf_event_alloc+0xa60/0x1790 [ 1002.006654][T11819] __se_sys_perf_event_open+0x5c7/0x2740 [ 1002.012322][T11819] ? vfs_write+0x50c/0x770 [ 1002.016811][T11819] __x64_sys_perf_event_open+0x63/0x70 [ 1002.022377][T11819] do_syscall_64+0x3d/0x90 [ 1002.026824][T11819] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1002.032822][T11819] RIP: 0033:0x4665d9 [ 1002.036741][T11819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1002.056542][T11819] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1002.064972][T11819] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1002.072967][T11819] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:33 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1002.080955][T11819] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1002.088940][T11819] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1002.097084][T11819] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:33 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:33 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x2500000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:33 executing program 4 (fault-call:1 fault-nth:76): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:33 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\n \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:33 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1002.309253][T11853] FAULT_INJECTION: forcing a failure. [ 1002.309253][T11853] name failslab, interval 1, probability 0, space 0, times 0 [ 1002.322009][T11853] CPU: 1 PID: 11853 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1002.330455][T11853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1002.340521][T11853] Call Trace: [ 1002.343823][T11853] dump_stack_lvl+0xb7/0x103 [ 1002.348500][T11853] dump_stack+0x11/0x1a [ 1002.352683][T11853] should_fail+0x23c/0x250 [ 1002.357129][T11853] __should_failslab+0x81/0x90 [ 1002.361923][T11853] ? register_for_each_vma+0x372/0x890 [ 1002.367403][T11853] should_failslab+0x5/0x20 [ 1002.371924][T11853] kmem_cache_alloc_trace+0x49/0x310 [ 1002.377270][T11853] ? register_for_each_vma+0x372/0x890 [ 1002.382754][T11853] ? vma_interval_tree_iter_next+0x263/0x280 [ 1002.388769][T11853] register_for_each_vma+0x372/0x890 [ 1002.394082][T11853] uprobe_apply+0x8b/0x260 [ 1002.398515][T11853] ? __uprobe_trace_func+0x430/0x430 [ 1002.403898][T11853] trace_uprobe_register+0x2b6/0x410 [ 1002.409205][T11853] perf_trace_event_init+0xf8/0x790 [ 1002.414508][T11853] perf_uprobe_init+0xf5/0x140 [ 1002.419316][T11853] perf_uprobe_event_init+0xde/0x140 [ 1002.424672][T11853] perf_try_init_event+0x21a/0x400 [ 1002.429809][T11853] perf_event_alloc+0xa60/0x1790 [ 1002.434841][T11853] __se_sys_perf_event_open+0x5c7/0x2740 [ 1002.440563][T11853] ? vfs_write+0x50c/0x770 [ 1002.445004][T11853] __x64_sys_perf_event_open+0x63/0x70 [ 1002.450490][T11853] do_syscall_64+0x3d/0x90 [ 1002.454964][T11853] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1002.460901][T11853] RIP: 0033:0x4665d9 [ 1002.464803][T11853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1002.484470][T11853] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1002.492899][T11853] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1002.500944][T11853] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:33 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:33 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1002.508936][T11853] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1002.516929][T11853] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1002.525088][T11853] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:34 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x37dc12502000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:34 executing program 4 (fault-call:1 fault-nth:77): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:34 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:34 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\v \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:34 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1002.788163][T11886] FAULT_INJECTION: forcing a failure. [ 1002.788163][T11886] name failslab, interval 1, probability 0, space 0, times 0 [ 1002.800962][T11886] CPU: 1 PID: 11886 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1002.809393][T11886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1002.819455][T11886] Call Trace: [ 1002.822740][T11886] dump_stack_lvl+0xb7/0x103 [ 1002.827349][T11886] dump_stack+0x11/0x1a [ 1002.831634][T11886] should_fail+0x23c/0x250 [ 1002.836105][T11886] __should_failslab+0x81/0x90 [ 1002.840877][T11886] ? register_for_each_vma+0x372/0x890 [ 1002.846497][T11886] should_failslab+0x5/0x20 [ 1002.851093][T11886] kmem_cache_alloc_trace+0x49/0x310 [ 1002.856417][T11886] ? register_for_each_vma+0x372/0x890 [ 1002.861886][T11886] ? vma_interval_tree_iter_next+0x24c/0x280 [ 1002.867942][T11886] register_for_each_vma+0x372/0x890 [ 1002.873244][T11886] uprobe_apply+0x8b/0x260 [ 1002.877688][T11886] ? __uprobe_trace_func+0x430/0x430 [ 1002.883064][T11886] trace_uprobe_register+0x2b6/0x410 [ 1002.888364][T11886] perf_trace_event_init+0xf8/0x790 [ 1002.893619][T11886] perf_uprobe_init+0xf5/0x140 [ 1002.898404][T11886] perf_uprobe_event_init+0xde/0x140 [ 1002.903712][T11886] perf_try_init_event+0x21a/0x400 [ 1002.909037][T11886] perf_event_alloc+0xa60/0x1790 [ 1002.914002][T11886] __se_sys_perf_event_open+0x5c7/0x2740 [ 1002.919642][T11886] ? vfs_write+0x50c/0x770 [ 1002.924077][T11886] __x64_sys_perf_event_open+0x63/0x70 [ 1002.929567][T11886] do_syscall_64+0x3d/0x90 [ 1002.934003][T11886] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1002.939936][T11886] RIP: 0033:0x4665d9 [ 1002.943927][T11886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1002.963646][T11886] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1002.972074][T11886] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1002.980070][T11886] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:34 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1002.988136][T11886] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1002.996140][T11886] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1003.004127][T11886] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:34 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x3f00000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:34 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:34 executing program 4 (fault-call:1 fault-nth:78): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:34 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\f \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:34 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1003.205235][T11925] FAULT_INJECTION: forcing a failure. [ 1003.205235][T11925] name failslab, interval 1, probability 0, space 0, times 0 [ 1003.217946][T11925] CPU: 0 PID: 11925 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1003.226426][T11925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1003.236492][T11925] Call Trace: [ 1003.239797][T11925] dump_stack_lvl+0xb7/0x103 [ 1003.244484][T11925] dump_stack+0x11/0x1a [ 1003.248664][T11925] should_fail+0x23c/0x250 [ 1003.253150][T11925] __should_failslab+0x81/0x90 [ 1003.258059][T11925] ? register_for_each_vma+0x372/0x890 [ 1003.263611][T11925] should_failslab+0x5/0x20 [ 1003.268141][T11925] kmem_cache_alloc_trace+0x49/0x310 [ 1003.273502][T11925] ? register_for_each_vma+0x372/0x890 [ 1003.278984][T11925] ? vma_interval_tree_iter_next+0x263/0x280 [ 1003.284997][T11925] register_for_each_vma+0x372/0x890 [ 1003.290308][T11925] uprobe_apply+0x8b/0x260 [ 1003.294753][T11925] ? __uprobe_trace_func+0x430/0x430 [ 1003.300087][T11925] trace_uprobe_register+0x2b6/0x410 [ 1003.305401][T11925] perf_trace_event_init+0xf8/0x790 [ 1003.310631][T11925] perf_uprobe_init+0xf5/0x140 [ 1003.315597][T11925] perf_uprobe_event_init+0xde/0x140 [ 1003.321013][T11925] perf_try_init_event+0x21a/0x400 [ 1003.326179][T11925] perf_event_alloc+0xa60/0x1790 [ 1003.331181][T11925] __se_sys_perf_event_open+0x5c7/0x2740 [ 1003.336841][T11925] ? vfs_write+0x50c/0x770 [ 1003.341324][T11925] __x64_sys_perf_event_open+0x63/0x70 [ 1003.346818][T11925] do_syscall_64+0x3d/0x90 [ 1003.351265][T11925] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1003.357195][T11925] RIP: 0033:0x4665d9 [ 1003.361110][T11925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1003.380744][T11925] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1003.389188][T11925] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1003.397236][T11925] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:34 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1003.405253][T11925] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1003.413282][T11925] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1003.421262][T11925] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:34 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x400000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:34 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:34 executing program 4 (fault-call:1 fault-nth:79): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:34 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\r \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:34 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1003.690034][T11958] FAULT_INJECTION: forcing a failure. [ 1003.690034][T11958] name failslab, interval 1, probability 0, space 0, times 0 [ 1003.702740][T11958] CPU: 0 PID: 11958 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1003.711180][T11958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1003.721281][T11958] Call Trace: [ 1003.724570][T11958] dump_stack_lvl+0xb7/0x103 [ 1003.729182][T11958] dump_stack+0x11/0x1a [ 1003.733358][T11958] should_fail+0x23c/0x250 [ 1003.737798][T11958] __should_failslab+0x81/0x90 [ 1003.742570][T11958] ? register_for_each_vma+0x372/0x890 [ 1003.748077][T11958] should_failslab+0x5/0x20 [ 1003.752651][T11958] kmem_cache_alloc_trace+0x49/0x310 [ 1003.757962][T11958] ? register_for_each_vma+0x372/0x890 [ 1003.763441][T11958] ? vma_interval_tree_iter_next+0x24c/0x280 [ 1003.769554][T11958] register_for_each_vma+0x372/0x890 [ 1003.774870][T11958] uprobe_apply+0x8b/0x260 [ 1003.779307][T11958] ? __uprobe_trace_func+0x430/0x430 [ 1003.784633][T11958] trace_uprobe_register+0x2b6/0x410 [ 1003.790040][T11958] perf_trace_event_init+0xf8/0x790 [ 1003.795271][T11958] perf_uprobe_init+0xf5/0x140 [ 1003.800064][T11958] perf_uprobe_event_init+0xde/0x140 [ 1003.805379][T11958] perf_try_init_event+0x21a/0x400 [ 1003.810692][T11958] perf_event_alloc+0xa60/0x1790 [ 1003.815650][T11958] __se_sys_perf_event_open+0x5c7/0x2740 [ 1003.821303][T11958] ? vfs_write+0x50c/0x770 [ 1003.825763][T11958] __x64_sys_perf_event_open+0x63/0x70 [ 1003.831255][T11958] do_syscall_64+0x3d/0x90 10:48:35 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1003.835766][T11958] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1003.841679][T11958] RIP: 0033:0x4665d9 [ 1003.845613][T11958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1003.865357][T11958] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1003.873785][T11958] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1003.881797][T11958] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1003.889806][T11958] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1003.898011][T11958] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1003.906002][T11958] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:35 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x4000000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:35 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:35 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x0e \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:35 executing program 4 (fault-call:1 fault-nth:80): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1004.111021][T11995] FAULT_INJECTION: forcing a failure. [ 1004.111021][T11995] name failslab, interval 1, probability 0, space 0, times 0 [ 1004.123733][T11995] CPU: 1 PID: 11995 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1004.132317][T11995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1004.142580][T11995] Call Trace: [ 1004.145880][T11995] dump_stack_lvl+0xb7/0x103 [ 1004.150496][T11995] dump_stack+0x11/0x1a [ 1004.154668][T11995] should_fail+0x23c/0x250 [ 1004.159117][T11995] __should_failslab+0x81/0x90 [ 1004.163976][T11995] ? register_for_each_vma+0x372/0x890 [ 1004.169468][T11995] should_failslab+0x5/0x20 [ 1004.174080][T11995] kmem_cache_alloc_trace+0x49/0x310 [ 1004.179382][T11995] ? register_for_each_vma+0x372/0x890 [ 1004.184856][T11995] ? vma_interval_tree_iter_next+0x263/0x280 [ 1004.190941][T11995] register_for_each_vma+0x372/0x890 [ 1004.196237][T11995] uprobe_apply+0x8b/0x260 [ 1004.200670][T11995] ? __uprobe_trace_func+0x430/0x430 [ 1004.206016][T11995] trace_uprobe_register+0x2b6/0x410 [ 1004.211406][T11995] perf_trace_event_init+0xf8/0x790 [ 1004.216738][T11995] perf_uprobe_init+0xf5/0x140 [ 1004.221701][T11995] perf_uprobe_event_init+0xde/0x140 [ 1004.227365][T11995] perf_try_init_event+0x21a/0x400 [ 1004.232504][T11995] perf_event_alloc+0xa60/0x1790 [ 1004.237485][T11995] __se_sys_perf_event_open+0x5c7/0x2740 [ 1004.243139][T11995] ? vfs_write+0x50c/0x770 [ 1004.247572][T11995] __x64_sys_perf_event_open+0x63/0x70 [ 1004.253053][T11995] do_syscall_64+0x3d/0x90 10:48:35 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, 0x0, 0x0, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1004.257493][T11995] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1004.263404][T11995] RIP: 0033:0x4665d9 [ 1004.267305][T11995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1004.286923][T11995] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1004.295358][T11995] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1004.303483][T11995] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:35 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1004.311742][T11995] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1004.319812][T11995] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1004.327836][T11995] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:36 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x500000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:36 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:36 executing program 4 (fault-call:1 fault-nth:81): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:36 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x10 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:36 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, 0x0, 0x0, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1004.840398][T12031] FAULT_INJECTION: forcing a failure. [ 1004.840398][T12031] name failslab, interval 1, probability 0, space 0, times 0 [ 1004.853152][T12031] CPU: 1 PID: 12031 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1004.861641][T12031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1004.871709][T12031] Call Trace: [ 1004.875060][T12031] dump_stack_lvl+0xb7/0x103 [ 1004.879717][T12031] dump_stack+0x11/0x1a [ 1004.883889][T12031] should_fail+0x23c/0x250 [ 1004.888316][T12031] __should_failslab+0x81/0x90 [ 1004.893088][T12031] ? register_for_each_vma+0x372/0x890 [ 1004.898560][T12031] should_failslab+0x5/0x20 [ 1004.903082][T12031] kmem_cache_alloc_trace+0x49/0x310 [ 1004.908408][T12031] ? register_for_each_vma+0x372/0x890 [ 1004.914054][T12031] ? vma_interval_tree_iter_next+0x24c/0x280 [ 1004.920156][T12031] register_for_each_vma+0x372/0x890 [ 1004.925456][T12031] uprobe_apply+0x8b/0x260 [ 1004.930144][T12031] ? __uprobe_trace_func+0x430/0x430 [ 1004.935505][T12031] trace_uprobe_register+0x2b6/0x410 [ 1004.940862][T12031] perf_trace_event_init+0xf8/0x790 [ 1004.946128][T12031] perf_uprobe_init+0xf5/0x140 [ 1004.950937][T12031] perf_uprobe_event_init+0xde/0x140 [ 1004.956335][T12031] perf_try_init_event+0x21a/0x400 [ 1004.961460][T12031] perf_event_alloc+0xa60/0x1790 [ 1004.966417][T12031] __se_sys_perf_event_open+0x5c7/0x2740 [ 1004.972072][T12031] ? vfs_write+0x50c/0x770 [ 1004.976499][T12031] __x64_sys_perf_event_open+0x63/0x70 [ 1004.981973][T12031] do_syscall_64+0x3d/0x90 [ 1004.986410][T12031] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1004.992348][T12031] RIP: 0033:0x4665d9 [ 1004.996252][T12031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1005.015903][T12031] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1005.024355][T12031] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1005.032603][T12031] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1005.040593][T12031] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1005.048588][T12031] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1005.056575][T12031] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:36 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x4000080000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:36 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:36 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x11 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:36 executing program 4 (fault-call:1 fault-nth:82): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1005.230661][T12058] FAULT_INJECTION: forcing a failure. [ 1005.230661][T12058] name failslab, interval 1, probability 0, space 0, times 0 [ 1005.243389][T12058] CPU: 1 PID: 12058 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1005.251877][T12058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1005.261945][T12058] Call Trace: [ 1005.265235][T12058] dump_stack_lvl+0xb7/0x103 [ 1005.269855][T12058] dump_stack+0x11/0x1a [ 1005.274154][T12058] should_fail+0x23c/0x250 [ 1005.278590][T12058] __should_failslab+0x81/0x90 [ 1005.283369][T12058] ? register_for_each_vma+0x372/0x890 [ 1005.288926][T12058] should_failslab+0x5/0x20 [ 1005.293472][T12058] kmem_cache_alloc_trace+0x49/0x310 [ 1005.298884][T12058] ? register_for_each_vma+0x372/0x890 [ 1005.304443][T12058] ? vma_interval_tree_iter_next+0x263/0x280 [ 1005.310438][T12058] register_for_each_vma+0x372/0x890 [ 1005.315736][T12058] uprobe_apply+0x8b/0x260 [ 1005.320168][T12058] ? __uprobe_trace_func+0x430/0x430 [ 1005.325492][T12058] trace_uprobe_register+0x2b6/0x410 10:48:36 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, 0x0, 0x0, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1005.330800][T12058] perf_trace_event_init+0xf8/0x790 [ 1005.336105][T12058] perf_uprobe_init+0xf5/0x140 [ 1005.340898][T12058] perf_uprobe_event_init+0xde/0x140 [ 1005.346198][T12058] perf_try_init_event+0x21a/0x400 [ 1005.351320][T12058] perf_event_alloc+0xa60/0x1790 [ 1005.356326][T12058] __se_sys_perf_event_open+0x5c7/0x2740 [ 1005.361971][T12058] ? vfs_write+0x50c/0x770 [ 1005.366401][T12058] __x64_sys_perf_event_open+0x63/0x70 [ 1005.371956][T12058] do_syscall_64+0x3d/0x90 [ 1005.376477][T12058] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1005.382379][T12058] RIP: 0033:0x4665d9 [ 1005.386278][T12058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1005.406025][T12058] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1005.414523][T12058] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1005.422556][T12058] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1005.430645][T12058] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1005.438680][T12058] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1005.446843][T12058] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:36 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1b3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:36 executing program 4 (fault-call:1 fault-nth:83): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1005.569096][T12084] FAULT_INJECTION: forcing a failure. [ 1005.569096][T12084] name failslab, interval 1, probability 0, space 0, times 0 [ 1005.581796][T12084] CPU: 0 PID: 12084 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1005.590222][T12084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1005.600293][T12084] Call Trace: [ 1005.603612][T12084] dump_stack_lvl+0xb7/0x103 [ 1005.608230][T12084] dump_stack+0x11/0x1a [ 1005.612400][T12084] should_fail+0x23c/0x250 [ 1005.616818][T12084] __should_failslab+0x81/0x90 [ 1005.621600][T12084] ? register_for_each_vma+0x372/0x890 [ 1005.627062][T12084] should_failslab+0x5/0x20 [ 1005.631572][T12084] kmem_cache_alloc_trace+0x49/0x310 [ 1005.636951][T12084] ? register_for_each_vma+0x372/0x890 [ 1005.642424][T12084] ? vma_interval_tree_iter_next+0x24c/0x280 [ 1005.648427][T12084] register_for_each_vma+0x372/0x890 [ 1005.653736][T12084] uprobe_apply+0x8b/0x260 [ 1005.658167][T12084] ? __uprobe_trace_func+0x430/0x430 [ 1005.663529][T12084] trace_uprobe_register+0x2b6/0x410 [ 1005.668840][T12084] perf_trace_event_init+0xf8/0x790 [ 1005.674140][T12084] perf_uprobe_init+0xf5/0x140 [ 1005.678936][T12084] perf_uprobe_event_init+0xde/0x140 [ 1005.684297][T12084] perf_try_init_event+0x21a/0x400 [ 1005.689455][T12084] perf_event_alloc+0xa60/0x1790 [ 1005.694407][T12084] __se_sys_perf_event_open+0x5c7/0x2740 [ 1005.700058][T12084] ? vfs_write+0x50c/0x770 [ 1005.704491][T12084] __x64_sys_perf_event_open+0x63/0x70 [ 1005.709983][T12084] do_syscall_64+0x3d/0x90 [ 1005.714562][T12084] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1005.720513][T12084] RIP: 0033:0x4665d9 [ 1005.724495][T12084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1005.744103][T12084] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1005.752536][T12084] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1005.760603][T12084] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1005.768588][T12084] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1005.776579][T12084] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1005.784685][T12084] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:37 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x600000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:37 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:37 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:37 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x12 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:37 executing program 4 (fault-call:1 fault-nth:84): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1005.982472][T12110] FAULT_INJECTION: forcing a failure. [ 1005.982472][T12110] name failslab, interval 1, probability 0, space 0, times 0 [ 1005.995356][T12110] CPU: 1 PID: 12110 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1006.003784][T12110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1006.013862][T12110] Call Trace: [ 1006.017147][T12110] dump_stack_lvl+0xb7/0x103 [ 1006.021884][T12110] dump_stack+0x11/0x1a [ 1006.026046][T12110] should_fail+0x23c/0x250 [ 1006.030471][T12110] __should_failslab+0x81/0x90 [ 1006.035262][T12110] ? register_for_each_vma+0x372/0x890 [ 1006.040794][T12110] should_failslab+0x5/0x20 [ 1006.045363][T12110] kmem_cache_alloc_trace+0x49/0x310 [ 1006.050684][T12110] ? register_for_each_vma+0x372/0x890 [ 1006.056172][T12110] ? vma_interval_tree_iter_next+0x263/0x280 [ 1006.062182][T12110] register_for_each_vma+0x372/0x890 [ 1006.067627][T12110] uprobe_apply+0x8b/0x260 [ 1006.072044][T12110] ? __uprobe_trace_func+0x430/0x430 [ 1006.077421][T12110] trace_uprobe_register+0x2b6/0x410 [ 1006.082724][T12110] perf_trace_event_init+0xf8/0x790 [ 1006.087942][T12110] perf_uprobe_init+0xf5/0x140 [ 1006.092715][T12110] perf_uprobe_event_init+0xde/0x140 [ 1006.098010][T12110] perf_try_init_event+0x21a/0x400 [ 1006.103132][T12110] perf_event_alloc+0xa60/0x1790 [ 1006.108147][T12110] __se_sys_perf_event_open+0x5c7/0x2740 [ 1006.113789][T12110] ? vfs_write+0x50c/0x770 [ 1006.118239][T12110] __x64_sys_perf_event_open+0x63/0x70 [ 1006.123774][T12110] do_syscall_64+0x3d/0x90 [ 1006.128217][T12110] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1006.134214][T12110] RIP: 0033:0x4665d9 [ 1006.138119][T12110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1006.157726][T12110] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1006.166148][T12110] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1006.174568][T12110] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1006.182593][T12110] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1006.190639][T12110] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1006.198624][T12110] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:37 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x4800000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:37 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:37 executing program 4 (fault-call:1 fault-nth:85): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:37 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:37 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98O\t\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 1006.333280][T12130] FAULT_INJECTION: forcing a failure. [ 1006.333280][T12130] name failslab, interval 1, probability 0, space 0, times 0 [ 1006.346039][T12130] CPU: 1 PID: 12130 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1006.354472][T12130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1006.364541][T12130] Call Trace: [ 1006.367839][T12130] dump_stack_lvl+0xb7/0x103 [ 1006.372440][T12130] dump_stack+0x11/0x1a [ 1006.376602][T12130] should_fail+0x23c/0x250 [ 1006.381024][T12130] __should_failslab+0x81/0x90 [ 1006.385787][T12130] ? register_for_each_vma+0x372/0x890 [ 1006.391263][T12130] should_failslab+0x5/0x20 [ 1006.395805][T12130] kmem_cache_alloc_trace+0x49/0x310 [ 1006.401146][T12130] ? register_for_each_vma+0x372/0x890 [ 1006.406619][T12130] ? vma_interval_tree_iter_next+0x24c/0x280 [ 1006.412632][T12130] register_for_each_vma+0x372/0x890 [ 1006.418068][T12130] uprobe_apply+0x8b/0x260 [ 1006.422585][T12130] ? __uprobe_trace_func+0x430/0x430 [ 1006.428272][T12130] trace_uprobe_register+0x2b6/0x410 [ 1006.433632][T12130] perf_trace_event_init+0xf8/0x790 [ 1006.438917][T12130] perf_uprobe_init+0xf5/0x140 [ 1006.443705][T12130] perf_uprobe_event_init+0xde/0x140 [ 1006.449009][T12130] perf_try_init_event+0x21a/0x400 [ 1006.454207][T12130] perf_event_alloc+0xa60/0x1790 [ 1006.459169][T12130] __se_sys_perf_event_open+0x5c7/0x2740 [ 1006.464814][T12130] ? vfs_write+0x50c/0x770 [ 1006.469258][T12130] __x64_sys_perf_event_open+0x63/0x70 [ 1006.474746][T12130] do_syscall_64+0x3d/0x90 [ 1006.479191][T12130] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1006.485192][T12130] RIP: 0033:0x4665d9 [ 1006.489104][T12130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1006.508725][T12130] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1006.517179][T12130] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1006.525178][T12130] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:37 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x600, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1006.533172][T12130] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1006.541218][T12130] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1006.549222][T12130] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:37 executing program 4 (fault-call:1 fault-nth:86): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1006.652304][T12154] FAULT_INJECTION: forcing a failure. [ 1006.652304][T12154] name failslab, interval 1, probability 0, space 0, times 0 [ 1006.665000][T12154] CPU: 1 PID: 12154 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1006.673435][T12154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1006.683606][T12154] Call Trace: [ 1006.686913][T12154] dump_stack_lvl+0xb7/0x103 [ 1006.691549][T12154] dump_stack+0x11/0x1a [ 1006.695761][T12154] should_fail+0x23c/0x250 [ 1006.700192][T12154] __should_failslab+0x81/0x90 [ 1006.704976][T12154] ? register_for_each_vma+0x372/0x890 [ 1006.710541][T12154] should_failslab+0x5/0x20 [ 1006.715204][T12154] kmem_cache_alloc_trace+0x49/0x310 [ 1006.720526][T12154] ? register_for_each_vma+0x372/0x890 [ 1006.726019][T12154] ? vma_interval_tree_iter_next+0x24c/0x280 [ 1006.732018][T12154] register_for_each_vma+0x372/0x890 [ 1006.737346][T12154] uprobe_apply+0x8b/0x260 [ 1006.741777][T12154] ? __uprobe_trace_func+0x430/0x430 [ 1006.747118][T12154] trace_uprobe_register+0x2b6/0x410 [ 1006.752440][T12154] perf_trace_event_init+0xf8/0x790 [ 1006.757660][T12154] perf_uprobe_init+0xf5/0x140 [ 1006.762447][T12154] perf_uprobe_event_init+0xde/0x140 [ 1006.767903][T12154] perf_try_init_event+0x21a/0x400 [ 1006.773036][T12154] perf_event_alloc+0xa60/0x1790 [ 1006.778018][T12154] __se_sys_perf_event_open+0x5c7/0x2740 [ 1006.783673][T12154] ? vfs_write+0x50c/0x770 [ 1006.788109][T12154] __x64_sys_perf_event_open+0x63/0x70 [ 1006.793622][T12154] do_syscall_64+0x3d/0x90 [ 1006.798081][T12154] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1006.804121][T12154] RIP: 0033:0x4665d9 [ 1006.808023][T12154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1006.827752][T12154] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1006.836182][T12154] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1006.844177][T12154] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:38 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x604000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:38 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:38 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\v\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 1006.852189][T12154] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1006.860615][T12154] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1006.868612][T12154] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:38 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:38 executing program 4 (fault-call:1 fault-nth:87): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1007.014053][T12179] FAULT_INJECTION: forcing a failure. [ 1007.014053][T12179] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.026835][T12179] CPU: 0 PID: 12179 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1007.035268][T12179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1007.045337][T12179] Call Trace: [ 1007.048623][T12179] dump_stack_lvl+0xb7/0x103 [ 1007.053265][T12179] dump_stack+0x11/0x1a [ 1007.057433][T12179] should_fail+0x23c/0x250 [ 1007.061862][T12179] __should_failslab+0x81/0x90 [ 1007.066632][T12179] ? register_for_each_vma+0x372/0x890 [ 1007.072107][T12179] should_failslab+0x5/0x20 [ 1007.076631][T12179] kmem_cache_alloc_trace+0x49/0x310 [ 1007.082068][T12179] ? register_for_each_vma+0x372/0x890 [ 1007.087551][T12179] ? vma_interval_tree_iter_next+0x263/0x280 [ 1007.093600][T12179] register_for_each_vma+0x372/0x890 [ 1007.098909][T12179] uprobe_apply+0x8b/0x260 [ 1007.103344][T12179] ? __uprobe_trace_func+0x430/0x430 [ 1007.108701][T12179] trace_uprobe_register+0x2b6/0x410 [ 1007.114000][T12179] perf_trace_event_init+0xf8/0x790 [ 1007.119226][T12179] perf_uprobe_init+0xf5/0x140 [ 1007.124009][T12179] perf_uprobe_event_init+0xde/0x140 [ 1007.129315][T12179] perf_try_init_event+0x21a/0x400 [ 1007.134441][T12179] perf_event_alloc+0xa60/0x1790 [ 1007.139430][T12179] __se_sys_perf_event_open+0x5c7/0x2740 [ 1007.145098][T12179] ? vfs_write+0x50c/0x770 [ 1007.149526][T12179] __x64_sys_perf_event_open+0x63/0x70 [ 1007.155005][T12179] do_syscall_64+0x3d/0x90 [ 1007.159437][T12179] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1007.165387][T12179] RIP: 0033:0x4665d9 [ 1007.169305][T12179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1007.188929][T12179] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1007.197365][T12179] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1007.205531][T12179] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1007.213533][T12179] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1007.221519][T12179] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1007.229510][T12179] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:38 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x4c00000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:38 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x900, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:38 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x0, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:38 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x0, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:38 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:38 executing program 4 (fault-call:1 fault-nth:88): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1007.432562][T12213] FAULT_INJECTION: forcing a failure. [ 1007.432562][T12213] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.445250][T12213] CPU: 1 PID: 12213 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1007.453711][T12213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1007.463779][T12213] Call Trace: [ 1007.467067][T12213] dump_stack_lvl+0xb7/0x103 [ 1007.471698][T12213] dump_stack+0x11/0x1a [ 1007.475889][T12213] should_fail+0x23c/0x250 [ 1007.480334][T12213] __should_failslab+0x81/0x90 [ 1007.485134][T12213] ? register_for_each_vma+0x372/0x890 [ 1007.490594][T12213] should_failslab+0x5/0x20 [ 1007.495132][T12213] kmem_cache_alloc_trace+0x49/0x310 [ 1007.500529][T12213] ? register_for_each_vma+0x372/0x890 [ 1007.506097][T12213] ? vma_interval_tree_iter_next+0x263/0x280 [ 1007.512113][T12213] register_for_each_vma+0x372/0x890 [ 1007.517490][T12213] uprobe_apply+0x8b/0x260 [ 1007.521919][T12213] ? __uprobe_trace_func+0x430/0x430 [ 1007.527259][T12213] trace_uprobe_register+0x2b6/0x410 [ 1007.532559][T12213] perf_trace_event_init+0xf8/0x790 [ 1007.537835][T12213] perf_uprobe_init+0xf5/0x140 [ 1007.542607][T12213] perf_uprobe_event_init+0xde/0x140 [ 1007.547908][T12213] perf_try_init_event+0x21a/0x400 [ 1007.553064][T12213] perf_event_alloc+0xa60/0x1790 [ 1007.558006][T12213] __se_sys_perf_event_open+0x5c7/0x2740 [ 1007.563646][T12213] ? vfs_write+0x50c/0x770 [ 1007.568066][T12213] __x64_sys_perf_event_open+0x63/0x70 [ 1007.573612][T12213] do_syscall_64+0x3d/0x90 [ 1007.578038][T12213] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1007.583948][T12213] RIP: 0033:0x4665d9 [ 1007.587844][T12213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1007.607469][T12213] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1007.615915][T12213] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1007.624100][T12213] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:38 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xb00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1007.632075][T12213] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1007.640061][T12213] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1007.648037][T12213] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:39 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x700000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:39 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2%\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:39 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x0, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:39 executing program 4 (fault-call:1 fault-nth:89): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:39 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xc00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1007.847052][T12234] FAULT_INJECTION: forcing a failure. [ 1007.847052][T12234] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.859765][T12234] CPU: 0 PID: 12234 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1007.868196][T12234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1007.878273][T12234] Call Trace: [ 1007.881559][T12234] dump_stack_lvl+0xb7/0x103 [ 1007.886168][T12234] dump_stack+0x11/0x1a [ 1007.890345][T12234] should_fail+0x23c/0x250 [ 1007.894768][T12234] __should_failslab+0x81/0x90 [ 1007.899539][T12234] ? register_for_each_vma+0x372/0x890 [ 1007.905054][T12234] should_failslab+0x5/0x20 [ 1007.909589][T12234] kmem_cache_alloc_trace+0x49/0x310 [ 1007.914974][T12234] ? register_for_each_vma+0x372/0x890 [ 1007.920457][T12234] ? vma_interval_tree_iter_next+0x263/0x280 [ 1007.926491][T12234] register_for_each_vma+0x372/0x890 [ 1007.931799][T12234] uprobe_apply+0x8b/0x260 [ 1007.936853][T12234] ? __uprobe_trace_func+0x430/0x430 [ 1007.942194][T12234] trace_uprobe_register+0x2b6/0x410 [ 1007.947490][T12234] perf_trace_event_init+0xf8/0x790 [ 1007.952742][T12234] perf_uprobe_init+0xf5/0x140 [ 1007.957522][T12234] perf_uprobe_event_init+0xde/0x140 [ 1007.962826][T12234] perf_try_init_event+0x21a/0x400 [ 1007.968024][T12234] perf_event_alloc+0xa60/0x1790 [ 1007.973054][T12234] __se_sys_perf_event_open+0x5c7/0x2740 [ 1007.978698][T12234] ? vfs_write+0x50c/0x770 [ 1007.983268][T12234] __x64_sys_perf_event_open+0x63/0x70 [ 1007.988776][T12234] do_syscall_64+0x3d/0x90 [ 1007.993340][T12234] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1007.999266][T12234] RIP: 0033:0x4665d9 [ 1008.003194][T12234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1008.022814][T12234] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1008.031241][T12234] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1008.039261][T12234] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1008.047241][T12234] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1008.055234][T12234] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1008.063211][T12234] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:39 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x5c02000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:39 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, 0x0) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:39 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xd00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:39 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, 0x0) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:39 executing program 4 (fault-call:1 fault-nth:90): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:39 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@%\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:39 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xe00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1008.354235][T12266] FAULT_INJECTION: forcing a failure. [ 1008.354235][T12266] name failslab, interval 1, probability 0, space 0, times 0 [ 1008.366926][T12266] CPU: 1 PID: 12266 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1008.375360][T12266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1008.385460][T12266] Call Trace: [ 1008.388775][T12266] dump_stack_lvl+0xb7/0x103 [ 1008.393393][T12266] dump_stack+0x11/0x1a [ 1008.397566][T12266] should_fail+0x23c/0x250 [ 1008.402106][T12266] __should_failslab+0x81/0x90 [ 1008.406884][T12266] ? register_for_each_vma+0x372/0x890 [ 1008.412405][T12266] should_failslab+0x5/0x20 [ 1008.416958][T12266] kmem_cache_alloc_trace+0x49/0x310 [ 1008.422375][T12266] ? register_for_each_vma+0x372/0x890 [ 1008.428222][T12266] ? vma_interval_tree_iter_next+0x24c/0x280 [ 1008.434250][T12266] register_for_each_vma+0x372/0x890 [ 1008.439592][T12266] uprobe_apply+0x8b/0x260 [ 1008.444031][T12266] ? __uprobe_trace_func+0x430/0x430 [ 1008.449389][T12266] trace_uprobe_register+0x2b6/0x410 [ 1008.455141][T12266] perf_trace_event_init+0xf8/0x790 [ 1008.460380][T12266] perf_uprobe_init+0xf5/0x140 [ 1008.465209][T12266] perf_uprobe_event_init+0xde/0x140 [ 1008.470584][T12266] perf_try_init_event+0x21a/0x400 [ 1008.475711][T12266] perf_event_alloc+0xa60/0x1790 [ 1008.480666][T12266] __se_sys_perf_event_open+0x5c7/0x2740 [ 1008.486319][T12266] ? vfs_write+0x50c/0x770 [ 1008.490778][T12266] __x64_sys_perf_event_open+0x63/0x70 [ 1008.496251][T12266] do_syscall_64+0x3d/0x90 [ 1008.500730][T12266] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1008.506685][T12266] RIP: 0033:0x4665d9 [ 1008.510675][T12266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1008.530376][T12266] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1008.538992][T12266] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1008.546978][T12266] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1008.554959][T12266] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1008.563038][T12266] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1008.571035][T12266] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:40 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x800000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:40 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, 0x0) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:40 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:40 executing program 4 (fault-call:1 fault-nth:91): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:40 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6#\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 1008.806494][T12294] FAULT_INJECTION: forcing a failure. [ 1008.806494][T12294] name failslab, interval 1, probability 0, space 0, times 0 [ 1008.819214][T12294] CPU: 0 PID: 12294 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1008.827637][T12294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1008.837701][T12294] Call Trace: [ 1008.840982][T12294] dump_stack_lvl+0xb7/0x103 [ 1008.845665][T12294] dump_stack+0x11/0x1a [ 1008.849899][T12294] should_fail+0x23c/0x250 [ 1008.854324][T12294] __should_failslab+0x81/0x90 [ 1008.859517][T12294] ? register_for_each_vma+0x372/0x890 [ 1008.864980][T12294] should_failslab+0x5/0x20 [ 1008.869484][T12294] kmem_cache_alloc_trace+0x49/0x310 [ 1008.874820][T12294] ? register_for_each_vma+0x372/0x890 [ 1008.880281][T12294] ? vma_interval_tree_iter_next+0x24c/0x280 [ 1008.886301][T12294] register_for_each_vma+0x372/0x890 [ 1008.891603][T12294] uprobe_apply+0x8b/0x260 [ 1008.896110][T12294] ? __uprobe_trace_func+0x430/0x430 [ 1008.901401][T12294] trace_uprobe_register+0x2b6/0x410 [ 1008.906687][T12294] perf_trace_event_init+0xf8/0x790 [ 1008.911934][T12294] perf_uprobe_init+0xf5/0x140 [ 1008.916848][T12294] perf_uprobe_event_init+0xde/0x140 [ 1008.922153][T12294] perf_try_init_event+0x21a/0x400 [ 1008.927361][T12294] perf_event_alloc+0xa60/0x1790 [ 1008.932304][T12294] __se_sys_perf_event_open+0x5c7/0x2740 [ 1008.937971][T12294] ? vfs_write+0x50c/0x770 [ 1008.942400][T12294] __x64_sys_perf_event_open+0x63/0x70 [ 1008.947865][T12294] do_syscall_64+0x3d/0x90 [ 1008.952284][T12294] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1008.958342][T12294] RIP: 0033:0x4665d9 [ 1008.962233][T12294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1008.981887][T12294] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1008.990316][T12294] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1008.998380][T12294] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1009.006370][T12294] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1009.014379][T12294] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1009.022498][T12294] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:40 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x5d02000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:40 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:40 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:40 executing program 4 (fault-call:1 fault-nth:92): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:40 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1c00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:40 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1009.250058][T12323] FAULT_INJECTION: forcing a failure. [ 1009.250058][T12323] name failslab, interval 1, probability 0, space 0, times 0 [ 1009.262826][T12323] CPU: 0 PID: 12323 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1009.271253][T12323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1009.281320][T12323] Call Trace: [ 1009.284649][T12323] dump_stack_lvl+0xb7/0x103 [ 1009.289267][T12323] dump_stack+0x11/0x1a [ 1009.293494][T12323] should_fail+0x23c/0x250 [ 1009.297944][T12323] __should_failslab+0x81/0x90 [ 1009.302713][T12323] ? register_for_each_vma+0x372/0x890 [ 1009.308195][T12323] should_failslab+0x5/0x20 [ 1009.312715][T12323] kmem_cache_alloc_trace+0x49/0x310 [ 1009.318039][T12323] ? register_for_each_vma+0x372/0x890 [ 1009.323505][T12323] ? vma_interval_tree_iter_next+0x263/0x280 [ 1009.329516][T12323] register_for_each_vma+0x372/0x890 [ 1009.334806][T12323] uprobe_apply+0x8b/0x260 [ 1009.339246][T12323] ? __uprobe_trace_func+0x430/0x430 [ 1009.344548][T12323] trace_uprobe_register+0x2b6/0x410 [ 1009.349843][T12323] perf_trace_event_init+0xf8/0x790 [ 1009.355352][T12323] perf_uprobe_init+0xf5/0x140 [ 1009.360138][T12323] perf_uprobe_event_init+0xde/0x140 [ 1009.365447][T12323] perf_try_init_event+0x21a/0x400 [ 1009.370559][T12323] perf_event_alloc+0xa60/0x1790 [ 1009.375510][T12323] __se_sys_perf_event_open+0x5c7/0x2740 [ 1009.381191][T12323] ? vfs_write+0x50c/0x770 [ 1009.385621][T12323] __x64_sys_perf_event_open+0x63/0x70 [ 1009.391084][T12323] do_syscall_64+0x3d/0x90 [ 1009.395585][T12323] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1009.401494][T12323] RIP: 0033:0x4665d9 [ 1009.405387][T12323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1009.425001][T12323] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1009.433428][T12323] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1009.441481][T12323] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 10:48:40 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1009.449456][T12323] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1009.457430][T12323] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1009.465538][T12323] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:40 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xa00000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:40 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6%\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:40 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2600, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:41 executing program 4 (fault-call:1 fault-nth:93): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:41 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1009.766145][T12353] FAULT_INJECTION: forcing a failure. [ 1009.766145][T12353] name failslab, interval 1, probability 0, space 0, times 0 [ 1009.778888][T12353] CPU: 1 PID: 12353 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1009.787329][T12353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1009.797383][T12353] Call Trace: [ 1009.800666][T12353] dump_stack_lvl+0xb7/0x103 [ 1009.805307][T12353] dump_stack+0x11/0x1a [ 1009.809467][T12353] should_fail+0x23c/0x250 [ 1009.813937][T12353] __should_failslab+0x81/0x90 [ 1009.818699][T12353] ? update_ref_ctr+0x28e/0x610 [ 1009.823548][T12353] should_failslab+0x5/0x20 [ 1009.828055][T12353] kmem_cache_alloc_trace+0x49/0x310 [ 1009.833439][T12353] update_ref_ctr+0x28e/0x610 [ 1009.838116][T12353] uprobe_write_opcode+0x34c/0x1050 [ 1009.843369][T12353] ? insn_rip_relative+0x86/0xe0 [ 1009.848331][T12353] ? arch_uprobe_analyze_insn+0x2d4/0x420 [ 1009.854130][T12353] set_swbp+0x26/0x30 [ 1009.858127][T12353] install_breakpoint+0x3f3/0x4d0 [ 1009.863158][T12353] register_for_each_vma+0x6e7/0x890 [ 1009.868480][T12353] uprobe_apply+0x8b/0x260 [ 1009.872902][T12353] ? __uprobe_trace_func+0x430/0x430 [ 1009.878195][T12353] trace_uprobe_register+0x2b6/0x410 [ 1009.883484][T12353] perf_trace_event_init+0xf8/0x790 [ 1009.888692][T12353] perf_uprobe_init+0xf5/0x140 [ 1009.893466][T12353] perf_uprobe_event_init+0xde/0x140 [ 1009.898868][T12353] perf_try_init_event+0x21a/0x400 [ 1009.904026][T12353] perf_event_alloc+0xa60/0x1790 [ 1009.909020][T12353] __se_sys_perf_event_open+0x5c7/0x2740 [ 1009.914664][T12353] ? vfs_write+0x50c/0x770 [ 1009.919106][T12353] __x64_sys_perf_event_open+0x63/0x70 [ 1009.924579][T12353] do_syscall_64+0x3d/0x90 [ 1009.929015][T12353] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1009.934999][T12353] RIP: 0033:0x4665d9 [ 1009.938929][T12353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1009.958692][T12353] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1009.967121][T12353] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1009.975156][T12353] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1009.983146][T12353] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1009.991241][T12353] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1009.999224][T12353] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:41 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x6000000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:41 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:41 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:41 executing program 4 (fault-call:1 fault-nth:94): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:41 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6*\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 1010.147769][T12377] FAULT_INJECTION: forcing a failure. [ 1010.147769][T12377] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1010.161071][T12377] CPU: 0 PID: 12377 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1010.169544][T12377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1010.179721][T12377] Call Trace: [ 1010.183005][T12377] dump_stack_lvl+0xb7/0x103 [ 1010.187630][T12377] dump_stack+0x11/0x1a [ 1010.191795][T12377] should_fail+0x23c/0x250 [ 1010.196225][T12377] __alloc_pages+0x102/0x320 [ 1010.200823][T12377] alloc_pages_vma+0x391/0x660 [ 1010.205645][T12377] ? update_ref_ctr+0x568/0x610 [ 1010.210526][T12377] uprobe_write_opcode+0x3e9/0x1050 [ 1010.215737][T12377] ? insn_rip_relative+0x86/0xe0 [ 1010.220936][T12377] ? arch_uprobe_analyze_insn+0x2d4/0x420 [ 1010.226727][T12377] set_swbp+0x26/0x30 [ 1010.230759][T12377] install_breakpoint+0x3f3/0x4d0 [ 1010.235846][T12377] register_for_each_vma+0x6e7/0x890 [ 1010.241151][T12377] uprobe_apply+0x8b/0x260 [ 1010.245572][T12377] ? __uprobe_trace_func+0x430/0x430 [ 1010.250979][T12377] trace_uprobe_register+0x2b6/0x410 [ 1010.256272][T12377] perf_trace_event_init+0xf8/0x790 [ 1010.261617][T12377] perf_uprobe_init+0xf5/0x140 [ 1010.266403][T12377] perf_uprobe_event_init+0xde/0x140 [ 1010.271781][T12377] perf_try_init_event+0x21a/0x400 [ 1010.276905][T12377] perf_event_alloc+0xa60/0x1790 [ 1010.281925][T12377] __se_sys_perf_event_open+0x5c7/0x2740 [ 1010.287597][T12377] ? vfs_write+0x50c/0x770 [ 1010.292021][T12377] __x64_sys_perf_event_open+0x63/0x70 [ 1010.297501][T12377] do_syscall_64+0x3d/0x90 [ 1010.301934][T12377] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1010.307918][T12377] RIP: 0033:0x4665d9 [ 1010.311810][T12377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1010.331811][T12377] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1010.340314][T12377] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 10:48:41 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:41 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1010.348336][T12377] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1010.356314][T12377] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1010.364302][T12377] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1010.372290][T12377] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:41 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xb00000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:41 executing program 4 (fault-call:1 fault-nth:95): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1010.652929][T12405] FAULT_INJECTION: forcing a failure. [ 1010.652929][T12405] name failslab, interval 1, probability 0, space 0, times 0 [ 1010.665611][T12405] CPU: 0 PID: 12405 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1010.674291][T12405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1010.684348][T12405] Call Trace: [ 1010.687631][T12405] dump_stack_lvl+0xb7/0x103 [ 1010.692246][T12405] dump_stack+0x11/0x1a [ 1010.696416][T12405] should_fail+0x23c/0x250 [ 1010.700859][T12405] __should_failslab+0x81/0x90 [ 1010.705681][T12405] ? update_ref_ctr+0x28e/0x610 [ 1010.710533][T12405] should_failslab+0x5/0x20 [ 1010.715039][T12405] kmem_cache_alloc_trace+0x49/0x310 [ 1010.720341][T12405] ? __mod_memcg_lruvec_state+0xa7/0x190 [ 1010.725976][T12405] update_ref_ctr+0x28e/0x610 [ 1010.730710][T12405] uprobe_write_opcode+0x34c/0x1050 [ 1010.735911][T12405] ? arch_uprobe_analyze_insn+0x2d4/0x420 [ 1010.741736][T12405] set_swbp+0x26/0x30 [ 1010.745721][T12405] install_breakpoint+0x3f3/0x4d0 [ 1010.750774][T12405] ? ___cache_free+0x3c/0x300 [ 1010.755456][T12405] ? vmacache_find+0x39/0x320 [ 1010.760246][T12405] ? find_vma+0x12/0x100 [ 1010.764500][T12405] ? vmacache_update+0x45/0xa0 [ 1010.769319][T12405] register_for_each_vma+0x6e7/0x890 [ 1010.774691][T12405] uprobe_apply+0x8b/0x260 [ 1010.779114][T12405] ? __uprobe_trace_func+0x430/0x430 [ 1010.784480][T12405] trace_uprobe_register+0x2b6/0x410 [ 1010.789771][T12405] perf_trace_event_init+0xf8/0x790 [ 1010.795046][T12405] perf_uprobe_init+0xf5/0x140 [ 1010.799815][T12405] perf_uprobe_event_init+0xde/0x140 [ 1010.805111][T12405] perf_try_init_event+0x21a/0x400 [ 1010.810229][T12405] perf_event_alloc+0xa60/0x1790 [ 1010.815232][T12405] __se_sys_perf_event_open+0x5c7/0x2740 [ 1010.820865][T12405] ? vfs_write+0x50c/0x770 [ 1010.825285][T12405] __x64_sys_perf_event_open+0x63/0x70 [ 1010.830753][T12405] do_syscall_64+0x3d/0x90 [ 1010.835209][T12405] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1010.841116][T12405] RIP: 0033:0x4665d9 [ 1010.845011][T12405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1010.864654][T12405] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1010.873141][T12405] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1010.881124][T12405] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1010.889098][T12405] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 10:48:42 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6+\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:42 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280), 0x0) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:42 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1010.897165][T12405] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1010.905275][T12405] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:42 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x6800000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:42 executing program 4 (fault-call:1 fault-nth:96): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:42 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280), 0x0) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:42 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4c00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:42 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280), 0x0) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:42 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1011.086017][T12435] FAULT_INJECTION: forcing a failure. [ 1011.086017][T12435] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1011.099346][T12435] CPU: 1 PID: 12435 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1011.107769][T12435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1011.117884][T12435] Call Trace: [ 1011.121160][T12435] dump_stack_lvl+0xb7/0x103 [ 1011.125768][T12435] dump_stack+0x11/0x1a [ 1011.129933][T12435] should_fail+0x23c/0x250 [ 1011.134360][T12435] __alloc_pages+0x102/0x320 [ 1011.138988][T12435] alloc_pages_vma+0x391/0x660 [ 1011.143791][T12435] ? update_ref_ctr+0x568/0x610 [ 1011.148636][T12435] uprobe_write_opcode+0x3e9/0x1050 [ 1011.153857][T12435] ? arch_uprobe_analyze_insn+0x2d4/0x420 [ 1011.159589][T12435] set_swbp+0x26/0x30 [ 1011.163571][T12435] install_breakpoint+0x3f3/0x4d0 [ 1011.168677][T12435] ? ___cache_free+0x3c/0x300 [ 1011.173376][T12435] ? vmacache_find+0x39/0x320 [ 1011.178218][T12435] ? find_vma+0x12/0x100 [ 1011.182517][T12435] ? vmacache_update+0x45/0xa0 [ 1011.187334][T12435] register_for_each_vma+0x6e7/0x890 [ 1011.192630][T12435] uprobe_apply+0x8b/0x260 [ 1011.197055][T12435] ? __uprobe_trace_func+0x430/0x430 [ 1011.202359][T12435] trace_uprobe_register+0x2b6/0x410 [ 1011.207654][T12435] perf_trace_event_init+0xf8/0x790 [ 1011.212886][T12435] perf_uprobe_init+0xf5/0x140 [ 1011.217679][T12435] perf_uprobe_event_init+0xde/0x140 [ 1011.222986][T12435] perf_try_init_event+0x21a/0x400 [ 1011.228147][T12435] perf_event_alloc+0xa60/0x1790 [ 1011.233133][T12435] __se_sys_perf_event_open+0x5c7/0x2740 [ 1011.238794][T12435] __x64_sys_perf_event_open+0x63/0x70 [ 1011.244271][T12435] do_syscall_64+0x3d/0x90 [ 1011.248716][T12435] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1011.254685][T12435] RIP: 0033:0x4665d9 [ 1011.258593][T12435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1011.278247][T12435] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1011.286680][T12435] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1011.294675][T12435] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1011.302668][T12435] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1011.310656][T12435] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1011.318642][T12435] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:42 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6-\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:42 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x1800000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:42 executing program 4 (fault-call:1 fault-nth:97): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:42 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6c00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:42 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(0xffffffffffffffff, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:42 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6.\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 1011.538312][T12465] FAULT_INJECTION: forcing a failure. [ 1011.538312][T12465] name failslab, interval 1, probability 0, space 0, times 0 [ 1011.550983][T12465] CPU: 1 PID: 12465 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1011.559437][T12465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1011.569501][T12465] Call Trace: [ 1011.572810][T12465] dump_stack_lvl+0xb7/0x103 [ 1011.577473][T12465] dump_stack+0x11/0x1a [ 1011.581684][T12465] should_fail+0x23c/0x250 [ 1011.586183][T12465] __should_failslab+0x81/0x90 [ 1011.590960][T12465] ? update_ref_ctr+0x28e/0x610 [ 1011.595807][T12465] should_failslab+0x5/0x20 [ 1011.600313][T12465] kmem_cache_alloc_trace+0x49/0x310 [ 1011.605608][T12465] ? __mod_memcg_lruvec_state+0xa7/0x190 [ 1011.611269][T12465] update_ref_ctr+0x28e/0x610 [ 1011.615959][T12465] uprobe_write_opcode+0x34c/0x1050 [ 1011.621238][T12465] ? arch_uprobe_analyze_insn+0x2d4/0x420 [ 1011.626985][T12465] set_swbp+0x26/0x30 [ 1011.630974][T12465] install_breakpoint+0x3f3/0x4d0 [ 1011.636011][T12465] ? ___cache_free+0x3c/0x300 [ 1011.640782][T12465] ? vmacache_find+0x39/0x320 [ 1011.645469][T12465] ? find_vma+0x12/0x100 [ 1011.649718][T12465] ? vmacache_update+0x45/0xa0 [ 1011.654551][T12465] register_for_each_vma+0x6e7/0x890 [ 1011.659852][T12465] uprobe_apply+0x8b/0x260 [ 1011.664286][T12465] ? __uprobe_trace_func+0x430/0x430 [ 1011.669580][T12465] trace_uprobe_register+0x2b6/0x410 [ 1011.674869][T12465] perf_trace_event_init+0xf8/0x790 [ 1011.680082][T12465] perf_uprobe_init+0xf5/0x140 [ 1011.684895][T12465] perf_uprobe_event_init+0xde/0x140 [ 1011.690378][T12465] perf_try_init_event+0x21a/0x400 [ 1011.695499][T12465] perf_event_alloc+0xa60/0x1790 [ 1011.700436][T12465] __se_sys_perf_event_open+0x5c7/0x2740 [ 1011.706070][T12465] ? vfs_write+0x50c/0x770 [ 1011.710569][T12465] __x64_sys_perf_event_open+0x63/0x70 [ 1011.716023][T12465] do_syscall_64+0x3d/0x90 [ 1011.720717][T12465] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1011.726633][T12465] RIP: 0033:0x4665d9 [ 1011.730535][T12465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1011.750182][T12465] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1011.758702][T12465] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1011.766678][T12465] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1011.774673][T12465] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1011.782665][T12465] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1011.790689][T12465] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:43 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x6902000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:43 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(0xffffffffffffffff, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:43 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:43 executing program 4 (fault-call:1 fault-nth:98): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:43 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb60\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:43 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7a00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:43 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(0xffffffffffffffff, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) [ 1011.999048][T12504] FAULT_INJECTION: forcing a failure. [ 1011.999048][T12504] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1012.012347][T12504] CPU: 0 PID: 12504 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1012.020770][T12504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1012.030945][T12504] Call Trace: [ 1012.034240][T12504] dump_stack_lvl+0xb7/0x103 [ 1012.038858][T12504] dump_stack+0x11/0x1a [ 1012.043019][T12504] should_fail+0x23c/0x250 [ 1012.047485][T12504] __alloc_pages+0x102/0x320 [ 1012.052191][T12504] alloc_pages_vma+0x391/0x660 [ 1012.056968][T12504] ? update_ref_ctr+0x568/0x610 [ 1012.061825][T12504] uprobe_write_opcode+0x3e9/0x1050 [ 1012.067025][T12504] ? arch_uprobe_analyze_insn+0x2d4/0x420 [ 1012.072838][T12504] set_swbp+0x26/0x30 [ 1012.076820][T12504] install_breakpoint+0x3f3/0x4d0 [ 1012.081859][T12504] ? ___cache_free+0x3c/0x300 [ 1012.086621][T12504] ? vmacache_find+0x39/0x320 [ 1012.091343][T12504] ? find_vma+0x12/0x100 [ 1012.095713][T12504] ? vmacache_update+0x45/0xa0 [ 1012.100515][T12504] register_for_each_vma+0x6e7/0x890 [ 1012.106075][T12504] uprobe_apply+0x8b/0x260 [ 1012.110490][T12504] ? __uprobe_trace_func+0x430/0x430 [ 1012.115785][T12504] trace_uprobe_register+0x2b6/0x410 [ 1012.121553][T12504] perf_trace_event_init+0xf8/0x790 [ 1012.126793][T12504] perf_uprobe_init+0xf5/0x140 [ 1012.131598][T12504] perf_uprobe_event_init+0xde/0x140 [ 1012.136896][T12504] perf_try_init_event+0x21a/0x400 [ 1012.142015][T12504] perf_event_alloc+0xa60/0x1790 [ 1012.146960][T12504] __se_sys_perf_event_open+0x5c7/0x2740 [ 1012.152598][T12504] ? vfs_write+0x50c/0x770 [ 1012.157091][T12504] __x64_sys_perf_event_open+0x63/0x70 [ 1012.162559][T12504] do_syscall_64+0x3d/0x90 [ 1012.167066][T12504] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1012.172972][T12504] RIP: 0033:0x4665d9 [ 1012.176863][T12504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1012.196574][T12504] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1012.205112][T12504] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1012.213094][T12504] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1012.221077][T12504] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 [ 1012.229111][T12504] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 1012.237306][T12504] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:43 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2000000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:43 executing program 4 (fault-call:1 fault-nth:99): openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:43 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:43 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6L\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) [ 1012.518418][T12531] FAULT_INJECTION: forcing a failure. [ 1012.518418][T12531] name failslab, interval 1, probability 0, space 0, times 0 [ 1012.531206][T12531] CPU: 0 PID: 12531 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 1012.539650][T12531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1012.549703][T12531] Call Trace: [ 1012.553097][T12531] dump_stack_lvl+0xb7/0x103 [ 1012.557699][T12531] dump_stack+0x11/0x1a [ 1012.561867][T12531] should_fail+0x23c/0x250 [ 1012.566283][T12531] __should_failslab+0x81/0x90 [ 1012.571060][T12531] ? update_ref_ctr+0x28e/0x610 [ 1012.575971][T12531] should_failslab+0x5/0x20 [ 1012.580471][T12531] kmem_cache_alloc_trace+0x49/0x310 [ 1012.585761][T12531] ? __mod_memcg_lruvec_state+0xa7/0x190 [ 1012.591444][T12531] update_ref_ctr+0x28e/0x610 [ 1012.596144][T12531] uprobe_write_opcode+0x34c/0x1050 [ 1012.601335][T12531] ? arch_uprobe_analyze_insn+0x2d4/0x420 [ 1012.607183][T12531] set_swbp+0x26/0x30 [ 1012.611163][T12531] install_breakpoint+0x3f3/0x4d0 [ 1012.616187][T12531] ? ___cache_free+0x3c/0x300 [ 1012.620868][T12531] ? vmacache_find+0x39/0x320 [ 1012.625586][T12531] ? find_vma+0x12/0x100 [ 1012.629851][T12531] ? vmacache_update+0x45/0xa0 [ 1012.634619][T12531] register_for_each_vma+0x6e7/0x890 [ 1012.639908][T12531] uprobe_apply+0x8b/0x260 [ 1012.644318][T12531] ? __uprobe_trace_func+0x430/0x430 [ 1012.649665][T12531] trace_uprobe_register+0x2b6/0x410 [ 1012.654970][T12531] perf_trace_event_init+0xf8/0x790 [ 1012.660173][T12531] perf_uprobe_init+0xf5/0x140 [ 1012.664958][T12531] perf_uprobe_event_init+0xde/0x140 [ 1012.670250][T12531] perf_try_init_event+0x21a/0x400 [ 1012.675487][T12531] perf_event_alloc+0xa60/0x1790 [ 1012.680476][T12531] __se_sys_perf_event_open+0x5c7/0x2740 [ 1012.686121][T12531] ? vfs_write+0x50c/0x770 [ 1012.690533][T12531] __x64_sys_perf_event_open+0x63/0x70 [ 1012.695997][T12531] do_syscall_64+0x3d/0x90 [ 1012.700423][T12531] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1012.706323][T12531] RIP: 0033:0x4665d9 [ 1012.710218][T12531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1012.729885][T12531] RSP: 002b:00007fda75b57188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1012.738412][T12531] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1012.748553][T12531] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180 [ 1012.756528][T12531] RBP: 00007fda75b571d0 R08: 0000000000000000 R09: 0000000000000000 10:48:44 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xb301, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1012.764525][T12531] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000003 [ 1012.772501][T12531] R13: 00007ffefd242e0f R14: 00007fda75b57300 R15: 0000000000022000 10:48:44 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:44 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:44 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x6c00000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:44 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:44 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:44 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x400001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:44 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:44 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2600000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:44 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6X\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:44 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:44 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x80ffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:44 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:44 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:44 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:45 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x7400000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:45 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1004000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:45 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:45 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:45 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6c\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:45 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2d05000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:45 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:45 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0xf, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:45 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:45 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6d\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:45 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:45 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1014.389830][T12670] ref_ctr_offset mismatch. inode: 0x361c offset: 0x0 ref_ctr_offset(old): 0x18 ref_ctr_offset(new): 0x4 10:48:46 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x7a00000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:46 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) gettid() r1 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x6, 0x0, 0x0) tkill(0x0, 0x7) 10:48:46 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6h\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:46 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:46 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:46 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x3f00000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:46 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) gettid() r1 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x6, 0x0, 0x0) tkill(0x0, 0x7) 10:48:46 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x20000200, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:46 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x5000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:46 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6i\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:46 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) gettid() r1 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x6, 0x0, 0x0) tkill(0x0, 0x7) 10:48:46 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:46 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x7fffffffffffffff, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:46 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:46 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6l\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:46 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x0) 10:48:46 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:47 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x4000080000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:47 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x0) 10:48:47 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:47 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x2, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:47 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6o\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:47 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x0) 10:48:47 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x3, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:47 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:47 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x9000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:47 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:47 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x8303000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:47 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6p\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:48 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x8004000000000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:48 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xa000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:48 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\t\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:48 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:48 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6t\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:48 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xb000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:48 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x6, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:48 executing program 0 (fault-call:7 fault-nth:0): r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:48 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xc000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1017.178295][T12858] FAULT_INJECTION: forcing a failure. [ 1017.178295][T12858] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1017.191557][T12858] CPU: 1 PID: 12858 Comm: syz-executor.0 Not tainted 5.13.0-syzkaller #0 [ 1017.200065][T12858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1017.210123][T12858] Call Trace: [ 1017.213406][T12858] dump_stack_lvl+0xb7/0x103 [ 1017.218005][T12858] dump_stack+0x11/0x1a [ 1017.222164][T12858] should_fail+0x23c/0x250 [ 1017.226635][T12858] should_fail_usercopy+0x16/0x20 [ 1017.231685][T12858] _copy_to_user+0x1c/0x90 [ 1017.236173][T12858] simple_read_from_buffer+0xab/0x120 [ 1017.241616][T12858] proc_fail_nth_read+0xf6/0x140 [ 1017.246605][T12858] ? rw_verify_area+0x136/0x250 [ 1017.251453][T12858] ? proc_fault_inject_write+0x200/0x200 [ 1017.257088][T12858] vfs_read+0x154/0x5d0 [ 1017.261240][T12858] ? fput+0x2d/0x130 [ 1017.265132][T12858] ? __do_sys_io_uring_register+0x24e/0x1b90 [ 1017.271167][T12858] ? __fget_light+0x21b/0x260 [ 1017.275902][T12858] ? __cond_resched+0x11/0x40 [ 1017.280586][T12858] ksys_read+0xce/0x180 [ 1017.284756][T12858] __x64_sys_read+0x3e/0x50 [ 1017.289258][T12858] do_syscall_64+0x3d/0x90 [ 1017.293677][T12858] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1017.299572][T12858] RIP: 0033:0x41935c [ 1017.303476][T12858] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1017.323196][T12858] RSP: 002b:00007f12c2e40170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1017.331610][T12858] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000041935c [ 1017.339590][T12858] RDX: 000000000000000f RSI: 00007f12c2e401e0 RDI: 0000000000000005 [ 1017.347558][T12858] RBP: 00007f12c2e401d0 R08: 0000000000000000 R09: 0000000000000000 [ 1017.355523][T12858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1017.363486][T12858] R13: 00007ffc39db510f R14: 00007f12c2e40300 R15: 0000000000022000 10:48:48 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x8403000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:48 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6u\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:48 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x7, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:49 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xf6ffffff00000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:49 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xd000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:49 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:49 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6x\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:49 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:49 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xe000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:49 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0x2, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:49 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x9, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:49 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:49 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x8603000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:49 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:49 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0xa, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:50 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xfcfdffff00000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:50 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6z\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:50 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0x4, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:50 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0xb, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:50 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x11000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:50 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x12000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:50 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0xc, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:50 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0x5, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:50 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1c000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:50 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x8cffffff00000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:50 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:50 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x02\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:51 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xfdfdffff00000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:51 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0xd, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:51 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0x6, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:51 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x26000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:51 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x03\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:51 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0x7, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:51 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x27000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:51 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0xe, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:51 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:51 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x9601000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:51 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0x8, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:51 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x04\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:51 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xfeffffff00000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:51 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x10, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:51 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x48000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:51 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:51 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x05\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:52 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4c000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:52 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xa, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:52 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:52 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x68000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:52 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0x97ffffff00000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:52 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xb, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:52 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x12, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:52 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xfeffffffffffffff, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:52 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6c000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:52 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x06\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:52 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x1c, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:52 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xc, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:52 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x74000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:53 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x26, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:53 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7a000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:53 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xd, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:53 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xa201000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:53 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\a\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:53 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xe, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:53 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xffffff7f00000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:53 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x27, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:53 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8cffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:53 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0x10, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:53 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\b\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:53 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x2000, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:53 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xb3010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:53 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x48, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:54 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xf6ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:54 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xa301000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:54 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\t\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:54 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x20000000, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:54 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xffffffff00000000, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:54 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x4c, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:54 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfeffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:54 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x2000000000000000, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:54 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\n\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:54 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffff8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:54 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)={0x0, 0xda92, 0x28, 0x0, 0x79}) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f0000000080)={0x3, 0x0, &(0x7f0000000040)=[r2]}, 0x1) preadv(r2, &(0x7f0000000200)=[{&(0x7f0000000140)=""/189, 0xbd}, {&(0x7f0000000340)=""/222, 0xde}], 0x2, 0x200, 0x6) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x6, &(0x7f0000000100)={0xf504, 0x0, &(0x7f00000000c0)=[r2]}, 0x1) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_io_uring_setup(0x5d8b, &(0x7f0000000440)={0x0, 0xfd4e, 0x0, 0x3, 0x2c4, 0x0, r2}, &(0x7f00000c3000/0x3000)=nil, &(0x7f000016c000/0x1000)=nil, &(0x7f0000000240), &(0x7f00000004c0)) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:54 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x68, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:54 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffff7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:55 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xa826000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:55 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x7, &(0x7f0000000040)=r3, 0x1) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/77, 0x4d}, {&(0x7f0000000100)=""/229, 0xe5}, {&(0x7f0000000200)=""/43, 0x2b}, {&(0x7f0000000340)=""/75, 0x4b}, {&(0x7f00000003c0)=""/219, 0xdb}], 0x5) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:55 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffff8c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:55 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xfffffffffffffffe, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:55 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\v\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:55 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x6c, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:55 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f0000405000/0x4000)=nil, 0x4000, 0x9, 0x30, r3, 0x25fcb000) tkill(r1, 0x7) 10:48:55 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffff6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:55 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x74, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:55 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:55 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x8000, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x20}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x4f}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3}, 0x0) syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="0400050900000000666174000404090a020002740ef801", 0x17}], 0x0, &(0x7f00000004c0)=ANY=[]) chdir(&(0x7f0000000000)='./file1\x00') r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='cpuacct.usage_user\x00', 0x26e1, 0x0) write$cgroup_type(r3, &(0x7f0000000140), 0x12000005f) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) 10:48:55 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:56 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xb426000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:56 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:56 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280), 0x0, 0xd9f, 0x3ff) gettid() io_uring_setup(0x22c17, &(0x7f0000000180)={0x0, 0x77b3, 0x4, 0x0, 0x356}) r1 = socket$unix(0x1, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_SEND={0x1a, 0x4, 0x0, r1, 0x0, &(0x7f0000000340)="727f08c40d02d1572196da1da7319676e3e45d194817182f0d40aac1bfcbff45f392ab36b9c4025b35cc714c4610221473ee271c5d8db22309cd6e4a657143a4ccaf00bf18dc17cc5725e26c394a5c10dd23c15d8bb3f4e053c69dd4de911bd1134d1f75372204da38a167a34239dc60c36b51ee24a060606d37eccabe162d7b782c53ff016225fa4215803729a989ebe7f010dc28d1cc2ea23127a2050dbaa38ab335d0d45a415b91d3feaaf72cb4b4e67482352561c4543af64f7f45781ae02b6d0a861f21d37a1a4792eae8401af24ca8ad12cae5a05440e0a64dfa33421629131aa3c6ebbccd361fd17bd3cdb9a1178a55120d5d83643b3bfb9ac3b5c91bdd58281de0157029b1c4659ffe28533f9799abb0491f06e5df879e229ead6a0c094f79c0b756b2fd5e63ab32e0370e8d7e445ee7bf8805f63e9bc5ab683daad55bb2596ca68e68407e8dc91898074b02847f5c182e13e746ab0fdb39efd72de1fd758b175f60cdbcf7852ad1c01872be8ae47f3aeac15fa1bbfa1058c1979e6abebc066ddd778cf2d3ef9b50a0d3450935b37bfa0ace9756b2e5672febcd569e7f6639f6fa00cb3be092ca6e855ca85e32499ee0fb8e3157b3e7f91f9f57609055bb0cba6ab76237e9f53d12ff64ab67d6282cffc4f9db5eb6ee3f100b8d426278ac3b97e7287c5b62797ad9fba9dee522b3a535a2003511f1529b3acd1167ed98a0846d82f5412eb50300559f56869501c82e34424b23eb690d3296b569f3d671fad82c6dcfe9f94576956bef1a037f13993a25946c556dbd6b1ddbd26a2726f6ac34718b35f7ce288e846f937f11a3fd3a74cbad2654ba6938bf8b854c51be818c44691a006b09dc862c836a864d10c65b8ed42f7790dafca147ea9cbf5d6550361b39ffed1c956d2d475668e3ab1158e6d964fa8f9a95bf413900c1e47711b8357293d6219aee7b9452a17947de34c140c4c5aaeee01f027d66a900a02ebbac51bfd503006969f81a8b3c597cb823fca6a9305bcb17cf6ed5bffb292ddf23942a272d62eaf31d73372569ba9578295289896469b3561e8c891c7fe7b64d699957847990e35bc6e5f0fc926782c54e611ad5a9cf46497c24058346cdb936b1020c4f4e5615c63d33fcf71bd6d05c3f7e1e0ca2120d242ad9ebc3909f31312c922e3d001151398c8d8fe6f1a88b0b3fb14cbe41ce0f993309232848245c9aeefc265755e11e50057fcfd7beb3d88ce8572d3d8d8820e54b917ba8cb31d592575f3f1b462ae174ee3ea7d42821aa4ddca9ae1edac205e35b3032d9af9413b907c4b1527ff263d01923895ad1080ce6fb91154da1a7be6845fd57ce4278a628dba94d58232577abd7a52d4f27c1725fb8a02b8caa9662a1246308724cd3f7e677df021386a7e7bdebbe0a2560ce6f3615d60f2531fcf941a602db6611361133f8908b7f846435ef37b157f8a2dc8f1580b237388008c13a0eaede0f9ceac7131b096dd54061317e3371611782aa78210dd92e0c144731747c2b720c02a81932d5ecbab6f4cb8e6886a353c5bf3a7d1754e03863df0047632ade28cab4021078a4df35b94037103d4e360a78c89eabf19cb72b5b99a10409ba13b1658c27a7aefde23059aa5d721a2ac127e797e53554a6f19965b0b2804f32595c83a69249d14389dd20a910b9d30ceab5a26c2ea5b7b641397d00a6471e3951e314df1e59ca6888d67e68a113c745cb2adb39c8c6b7ef363821879ab652a779ed17ebe61fd8afefbb658c97b3f80f52ab5fdb307f093e5eb8670e15427c7c2cf70ae7454681ef4b49a3fb5396e8bd3b557ce0581545f53954512a734455f1b51700f9430a4ac1d1720c3b81722a32293a1a6918a3eb0fc1b39e300b7900ec08315d41af8a9cb538015c6efe3b4fe7b451dcc6982142855e751e1fa822adf510c0d3ac7587e7b1ac65b2f4c25b0d481adbbb3237c85fd9beb5df8887818c6253ba514681d55cf4a90679b1af67413db60acc3c5d84e72d1cefd36cb8819cf41685b787c91661e7d52e9a7601eb0cdcc2404d2c329e88838f471fefb9a9ecdd2f13fdc7c8c994b4dc998e5f1ef64d9d0929a1c8b8aa412296c5630789865e59c173f50c0e5b1d162e527e4c690fa4914f4d15399634fb825e0d9627917b0e29412b5af4efe986cdf0b0385a71e65ba00586c912f42b41130498ea4bbabcdce6140997f58781f0ee42927876a11e1cfa1f043ec16ca2c3eaed5e1ca39e22968e3b9b86ee61ff1aca12d5394517c864bef62e922bb0e6a073c55d3358683fe152c21b6212d7cb19d310def9825597595e4d0862b03b8b0799e8e4e6bab5fd6abc272a78a5fa4ae4694793f540b905b4fec36b3cfbbea3e33622b61ac1e323e36dafc30d74558f59d3e7d3e39efb21084047db44f104e16a421f380e9abe6415eb048cf5503daa4268b849885700f6f823e8a8db9c72ba664cdf37332f6428b0604e6eb6c96f67a72452f070c179a3b12080a80bdb4163020fb0940230cdb841feedd2f4a8836878845f7fb7a6e16487f9dee497899aa6a0c8066db1dea1901fad831a66e76cbf94cae983018b5e8201a810f04260bb3e7127276419122cf3c596e736f025e14452b3a652eab3569632e93a9b77b76d6a3d798379e34f88944590b60115d77231d6ebbc685987ef50fc1ca73ffbbb271cc1532862096cc7aa890f764e02a5bb864cd90bf520672ce03093f642939149e559a61ce5c401b9b9f2bd2f20acec865a581b387f2519fc320b98be8b89a5959814b84905f38cc0a81719001b87ba79eb9217a8d12dd0f6ccad30c6bfbe2c199c84011d98d10fd88d594cdd39ee5d71cfae0f5359e9e396a665676a1bab134d5694c414265c28431697c7a5382fd5f1a34ad73d4a0b041bd994043e3bfe26470ceb08cc7f6e7050cd41b60cdcab5f522e5a7c6295ccd0d5ee2d28d725e21e91aee12a8f4d8b8b12bcdbc21b06fc51bcd954a07aa5b18322d18415e3fd708659dcc6b0c03d797c2e65c07314948f66a1f4372e29bcd35535e4344b177f130903b344db84a6b31444cb3611263f34823d180b04e5a0d8aa8ae3a5a814b4106e487f7139382899bf8ac36f6b2f7d30f59064b06c7b562bdbca1d78e9ebc14c5dd326ce1d796bd88d59dd85ceb3219e6171af6b2597438748231a07642263ccc34581857bfb8e8be2ce6188d45b3e65b876fd06cc9513d88a158d8b1cb81a35ad005505d1c66e1acc067a13152a789000a3a72a7b97f8c4574a4c57dfa3ea2934b65ce669104ce4c96931c59990348c3cd08974a35154d76f6749f12a5fe8781d1ab87b3ab496c531f9864e7c978def528639d2341b000e052fc4dc5b6b27e13eb5bfe804347cd57f3b64cf72e8d8a5f3eed161263078e45be0b55e9e58ab1d290d41bd3e9bdb9b74e55591b8667d667fc9977d2d5e853212964574470169a0f0c1ae403268ffb3059e507a8cdf04daf1b39a32188b22dbf056bcaca906a6349e5fcedd34e55fa5b36f10ae2eea0199be8fa9118a86d3f3c7dd56fa2d0dafdcc67e32029387a0af4ef3ad2a7db324088749925a91701cf5b8c3fef47f16eecfaf9ed0a322b259149244084abb3d6406bc0859713d50eb8716ff1213d2a1b41e2598b85f73818a848500616558fb2aa5a32049738e3a3d1ddb9516628b594f61a5d8558a913b2264affcc095ce634d45eaecc8c8ce939d795cd75eedb99742a13da91bfee65a7729521bc78c82939bfcd3e1ff96264e3f80f159d0680eade7feec00d9d92da69fe93428226c6b7b030b705868be20d468ab7063137e69de499cf82daac20d7be91044ce7108904dfeba5cca154ebad81a82d5d722665e894f8a34ce794bf355059e0a551630c13e960dd59397fc07f0b9b5db97a45bc5aefe0b9c72d38496303ae737931468206c423219df8a37e833604a3a3298553e32c3935007bacb92b90adb7f7c336924fc47e360134e3c1f78dd34dfafbcf1367d8ac2d9e2d676eba92878e1f485e0c6f340158fd504def6b608d3a8a007c687bbc7eeea24a6c46f1cc620eb3c1eebbdc9be07d8a3de2120a414ac7a3d88dd4de898fa4640f2998f3cad6a80d7ea741831274344e4d39695de1fcf739e73a62f6cbdcfb32fc868a7723309ea231e6af8433923ce76757d2b827d0e507e1a4ccb53f3202629d3a272b69999a4f7b18f15f6cd9b223200dfdd0e89ee3f09abcd74b72e3c6f1bb31a8236ad99be3aa7954e362f43790530a07b6b39607fbfb4b5886d5cbf1a1751d597e28b2d9a30295cc242157ed433f001e21b634c7d7d075b69890c33f3c81fbc9fe7e766e88bad2435420db546eb3ad257b595fa323b29dc70ca31e5432ef082227f1e91a4f05debdb3716485183f460fdbe9cf05637eeb2ed76d00694c2d89765976657c655ca857aacc44f377c7f38358c127fe4e9319d01ac996ea5a84701d379b9a6f08287441bb2ef54029fb12fea7ac4c36a92eabd15cc4f4ddcfd4447182063a4cfd503cba25a1161effca357a3e58f0f9e0085a9c347a4dffb240106b94de62d0b1113e8b01998de0deef1a1351030f57003e46b2658980a453d30e73a5537db0a06952d600fb4011e6fb2d969c2b79ff28ea2b64235341c4453df5d461a546e89a22c1f308b79cc1782d571a9008efb91aeae923b0bdf0dab7ff6fe7ccc2ca71bef8697a9674469fd0916da95ba69bd3e0bf10bae84cd4183c0362d285d549f50486cea1a06d80779da2af872db34f928484b2399d942b3ba25078a9138a6d4836b9f0f1f30a8eae61ef9c1cbc6e1a18a5eab08b83d3f1557f24812f13f6892fb1752559a4890f981f4e5677ab1ae9956ad73bdc2a574c937d8169cd912f3a5b8ef72b1b156e2df23e1db3bfd20f30b44d79b8b866a48fc8596c1127469067b4cbceb4373824f7c83da4521abcefa606a93ef61d14913de1eff8880dee37ab0cd5b78fd9c4e9cdcef18d4c6c65924ab7a7dadc49a1edf6831e6d75a4c9dcba2c211f89bf97c580392b9d10ae0c428a5eda4eef87224ac9ff5eb254828439a33f2433dc48908a60240ac5ed40c06bb6cb0c6bcfa4fd8a4b385b0239911425427f7e5a03f41dec84647b360b19962bdd35f04fdf45877c5f21fcaafc2dafd09cf2a52a50e66af5717e6ab26eaa6f48524518bc709982c649bb205db99a8b32dca2c3783e04bc5f3850091c59fc7873a9ace25f3c320cb2ed327727607e699425289b4994ef4d8edc64c2c39135b760249dda6a16027815c76a2fb7941d26478ba600e5c15374aba807905cef69e86e9ea647d59edef0cf0f525cadc199a6574ebe2f1d70a13c19d167dd02f72fba2a7e442b7188ec9eb9b79da3360ece729fdf4807d48501eab7fcf65d43d7b3fdcac6aa248babce39d5b542793c08a58c6f233b7008c9f110b02ba8de78c5a5859380b37d7ae641d2113eb407093982943e2c67346f41d0a03dac222388a8d5bc8e247b6999be37475fa0c9a2711a7cbeed147758b232d80d143dd75f43c59c369f99a7dd9e4e01945bc0396dda9a3b7d29ca113d8227071dd9561a4c9df705412706bd61d4331651806774636bfeefc1b268ae33a0f0ec9f9d3a8ad526ae9e31a926b9ad5d73228378ca8eb54b6ca4c014a86b47db5c091cf6c43959cbd4508b40503180b171453765f1172c117c0360718e401b7d3f4367f0671ea0a3156ca48ffca9856af99af888bd5ef936d0984ee485fd4b569cae4abcbbf5ab56f5d0dda3442cc1c08cfba67a8056526e7b1e54657f9268e8b2e3e331ade2f6db46c58", 0x1000, 0x40000}, 0x0) bind$unix(0xffffffffffffffff, 0x0, 0x0) close(0xffffffffffffffff) inotify_init1(0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) accept(0xffffffffffffffff, 0x0, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f000020a000/0x4000)=nil, 0x4000, 0x1800003, 0x20010, r2, 0x23a27000) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) listen(0xffffffffffffffff, 0x80) mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) write(r3, &(0x7f0000000040)="fc0000004900071f8a092504090007000aab0700000000000000e293210001c000000000000000000000ffff0000000000001ec28656aaa79bf87c5d27aa2f029f000200000300f92fbe780196370d1151ffd633d4b40c03c1ad54325950000000e5d18064b1ed548d59c40a366c57c6a55e00000100d07302ade01720d7d5bbc91a3e2e80772c05defd5a32e280fc83ab820f06f70cce190a60aa47e98839971592064e763b6f380f6dd92c83170e5bba4a463a1e00566f91cfded815b2ccd243f2564ea45b41577d2c95ed94e0ad91bd0734babc7c737de583df0200000000000000a6b567b4d5715587e6d8a1ad0a4f0108a8835d731d05b0454e", 0xfc) [ 1024.824596][T13373] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. 10:48:56 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0xffffffffffffffff, &(0x7f00000012c0), 0x0, &(0x7f0000001340)={[{@dots}]}) 10:48:56 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\f\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:56 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0xff, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:56 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x800000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:56 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) r3 = io_uring_setup(0x20de, &(0x7f0000000040)={0x0, 0x4df5, 0x20, 0x3, 0x37a, 0x0, r0}) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x6, 0x0, 0x0) tkill(r1, 0x7) r4 = gettid() ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x6) ptrace$cont(0x18, r4, 0x0, 0x0) ptrace$setregs(0xd, r4, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r4, 0x0, 0x5) tkill(r4, 0x2) 10:48:56 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000040), &(0x7f0000000080), 0x2, 0x1) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) read(r2, &(0x7f00000000c0)=""/227, 0xe3) 10:48:56 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1000001000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:56 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:56 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:56 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xbe03000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:56 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0xa8cda000) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:56 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:57 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x2, &(0x7f0000001340)={[{@dots}]}) 10:48:57 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:57 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\r\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:57 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xf, 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_opts(r2, 0x0, 0xd, &(0x7f0000000040)=""/20, &(0x7f0000000080)=0x14) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x6, 0x0, 0x0) tkill(0x0, 0x7) 10:48:57 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:57 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x3, &(0x7f0000001340)={[{@dots}]}) 10:48:57 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10000010000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:57 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/suspend', 0x4081, 0x80) r3 = io_uring_setup(0x20e1, &(0x7f00000002c0)={0x0, 0x5ff, 0x2, 0x2, 0x800000, 0x0, r2}) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f00000004c0)=[r2, r4, r0, r5], 0x4) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r3, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x6, 0x0, 0x0) r6 = openat$incfs(r0, &(0x7f0000000080)='.log\x00', 0x501040, 0x102) preadv(r6, &(0x7f0000000440)=[{&(0x7f00000000c0)=""/68, 0x44}, {&(0x7f0000000140)=""/243, 0xf3}, {&(0x7f0000000240)=""/24, 0x18}, {&(0x7f0000000340)=""/58, 0x3a}, {&(0x7f0000000380)=""/178, 0xb2}], 0x5, 0x7e, 0xfffffffe) tkill(r1, 0x7) 10:48:57 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:57 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xbf03000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:57 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x40000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:57 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x4, &(0x7f0000001340)={[{@dots}]}) 10:48:57 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0xd) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$F2FS_IOC_DEFRAGMENT(r0, 0xc010f508, &(0x7f0000000100)={0x9, 0x20}) bind(r1, &(0x7f0000000080)=@hci={0x1f, 0x4, 0x1}, 0x80) preadv(r0, &(0x7f0000000400)=[{&(0x7f0000000340)=""/147, 0x93}, {&(0x7f0000000200)=""/41, 0x29}], 0x2, 0xd9f, 0x0) r2 = gettid() r3 = io_uring_setup(0x59a2, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0xfffffffe}) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f00000001c0)={0x2, 'vlan0\x00', {}, 0x3}) io_uring_register$IORING_UNREGISTER_FILES(r3, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x6, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) splice(r4, &(0x7f0000000140)=0x1fb, 0xffffffffffffffff, &(0x7f0000000180)=0xf, 0x0, 0x0) tkill(r2, 0x7) 10:48:57 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:57 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x0e\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:57 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x40000100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:57 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x4010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = accept4(r0, 0x0, &(0x7f0000000140), 0x80800) read(r2, &(0x7f0000000180)=""/81, 0x51) r3 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000693000/0x3000)=nil, 0x3000, 0x3000007, 0x100010, r4, 0xc5373000) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$BTRFS_IOC_RM_DEV(r4, 0x5000940b, &(0x7f0000000340)={{r5}, "22e4e8f06dc880977e665d7f047267037e9c2ed05d6d43fa073d320e59cef44d9f4293602db6c638d305c4cb78d40e01f860dfc5ce5d47c8b7a89e1db1474053d551b6cde749b3946cfaf452321a41dd225403a2a7a1d23212badd8b6eb922bf616323d6e255ce2f6d2ccb61934eb826e043b446e4717a94350b5ab4d8728f4be8976703269c55c9336711506f15dc5339f3f0c84f95b188656883fad6ae6105914b0f35b96b1a4c5253800b18947936c5280e09f51d5934c6b293109c3020c33f522dcc04af824e0a00537daa219a34907a9749de2b93b1b77a72d1a9482063ad70d22d978e4c4dc7cb76a8b55901da22bcac8e766a82f7bbd3f76b626338f283eb78faec3c0dcfff8c4587869ded179805e20360f3e8b2e292f30ee269186bc04895b916064c362f29539553ab02a576f0440a2e396db5f68e409afd47c8bc010444063a56590e3a24f525b5905da47012c70df95a34f9088bc4515a0f6f14c6bfd3b10a39bca2eec00360398b2b661edc52c68dae82f58325b17f5f2e49a68c5c0ec52ed6a25cc19f396e28c80093ffbaf58b8ac36c850f7a54fddf240a58978fccdd0146ceeb51dbcb8cf005ed9fd5333f35dd5f6333b3c8637c2101ff3337fc4f3a0f8a127e740afa3d5979b7985b8601da26c9397887c1540b763eed24336f6eca56857aeffbb965ecb4a166f73ea5d3f3fc511df939951b1be8ac944ca1686d92bff1bdf15fabe478b761100b86e6250279b49425d7d9849c78713b38d9f41059bee51618987e4cf67711849bce81534cdd7bcaf9711388e3f7a30b6d42ab1751b75ff764c4bb89c56159ba567d3ccc70a53d7529c7397b5c18e9a57f88580334d679f2b35f660ac9c3c113eeb1f48f311e4d34c4df20cf5d2f2ed9cba9b23d807d54e756fb47f12a546e3042076c22dc23769e5a0460bdebb5691cd5e4b588ddd53d57d98004cc871821012cac9b31737ed478e1a52f663a4512c44e02f90a218bac8fd05f7e2af7cad927df76eb4234ac891f4789cfbfd3b0e8c4a02fc38928777b936ddf9811c320539126182437be60070de0587fb43b9b15a6f8434dda8d5e179d704dbaa034b062e25974b07162af182683a4f2bc81a9d825505eb3b229b1fc039f252b562ebe13a5cbb3703def855296cd930a50f53e9874320ba1afebda29c991c5e7bb3d3df97e2e29ef398ebc3956b238bb27ec28994b3d42f537b9acb20d74b50cc102fa06013d846b5c6328bf2cd4455275ec32dc2dd33747ada6376b8364ed33b6220931d34fbceebc6bbaea09dde43be2ee721c2a31474b735d337c84d97efa85737c130d8de8abc3813809376064445527968835c7ec804c3cad3b7667a2a98fa0c57179e32b55c097d00da212f611fe8a261480b43c85b1710b4fe5e1e6c33de89cb07cc45b254e13ebe301a2e73496f0e82aab29b6e40239042ff35fbc240ba44188b57c2b8383b7ecc24a5038b036c235af951955c4eb81edc1969a8e9e3016fa607080d65f8dd8f3eb748a607a37cd6dab38d93b223b947400429286f8f70496a590b2d7de94ac3cf8230326e102a4e9d24620969781f97f7a2bb55e1d34de4e39a5d22467f8b06d41d7e54d3aa93a73363eda3195c41b483ed7c4539148ecfeb777fb558a938a220165f4777616adc6149e15fad43f73cab24fcd996e0043472c73a86e14bb189ba8a54c13fa569e5d219396e6ebe09afb2abc96c66e0d19e9a976e6bb7bb16b89e2ff56877106bece9f3d239568d63decb7639d59e73c52f8565787205f62d4e8aaa9e941a3aef352b886607ae302245142bd82a6b3bbaf11e95757c4e858810d7d11998e235e51b706d7b87636a40e647c93aacf63a8019b5d8f0c0598f9980a0c0920694e72e0febf01a0446088055487585423723e5721fed250fd72e09c9c82e09b113a34921a3c9dd300b26bf3c3d96871bdc715b206cb2bbbd008fa3111a6fdcfa81a9eddb773890385d691aaad70e0fd11a469674d1801f14b6f85496ddf0b6acfa387878572e9839c04766eb4eb932adc32b354a74442c8053462fcad21648789c05b29dd936ab59ea5cd68caa91d5b58d4fd51a45e5f1801424e085927ff02e93c5b40f5167cad2d6922e9d60d46ed893e940ff0a2eef91152d39028f59448d93cd6ae6e23889fd394bd95506c8428e4c7162b075f456e0c3d653b2e89a321c6fcdb513747b143d7112405bc84e4b3421ec324c230e9020d36ce751b068f89bbcdedce151c12cb91b60a04e7f0eeefe4a6360e917b835dc5937373e856293f88ba622682cc28883400abe4cc8fe19dbf1cdf751bd0b9c856836a58b50e2aa122f3894b629be58180bc89e8f3a8408c6ed830983e27f45f6313af859522fb40784872d61385f23c138703fa49b0719263c6a81d2c1525c16230b1b266d8efba0cdfd79d26ed65d960862de276d8d6c2a4bd9fa96282668e1d96563ba9a28e6b96020f7087e33890aec65d974631eb5294322959f86d11d138c0f344eb3b01bd63a0eb5a248fb8e9ce50c69e4277c32db7da7f1edbe1cbf7b48fac583ef6b897233a66734c9af62b59ecd86065eb206a90d415c4fbad2d6dbf897daee7bcda6c2449dd92c3ff537f6be474ba2c7fa3e971f71fe6246da3332bf38af2af91da3093929a88c617dcfd41c8b7c5b6a5d8d0f34369740fd924ed718d81b961dd286fc01e6d967cf3882ffffb92ced548b8fa04caf525a9f1a7ea1a795494f5fcc9a9dae0b82f573fc838bfeb18040cee761fb2b69f93d5e5d6efaff4239f7c2a4b83cd9759c25ac9e82673ce24748cce49ad812292dd6952a935e15ab83f8874a87fdd439a561dec86ec65af4104ac89a0a00fff6a5d8989d48400330fcb77529cbaf61cb9aecce1f0aed6ae2fa8307e66def017f4939f6658bd1d304d73bfa7ff4dee12045cb24597699c82f776025b51116c208c0ad2abb3f76ea8f5328765ee09a6ec150bdb775b5bd6e17254bb2daa63aab958cd34b2f964d23e749db0c1c77d2547a68e09ad0c77c7e888da5f33b9bef7aabda1e80b85e83ba603e64f5ac79fcccf95a0bbc11dfcff96933d3d45906b8e844330c766f59666cd71aed464d273c8f1980b42bbbd38a0257e3c84e3ecad5011ee4aaadb9d8dcb335f015a362effd915dc2260fd6e0bef5bd8f02f5ec80ba0ac0d759213923fa9dd27d983b76f6ba00b6ef4794ed329f26a42abe7c90016570ddbd87e114be9ff1535d626a7ca18e882d57de27bc6e80b042e597be9e4ff819e39e6c3f1a252de876195801f3872bdc7b51b81043fb8434a13c34c966aa40a8dbc67df18d4b400f3bda01991c7e8147b9113ed0b3c61bdcc403c6373b8823bcf460d78ed49941cca255d8fbdeb0e0496137c5cec9bc7b598ddb71574ef7e57a465816fd4a4c1067341c7d118cadcf95d1d0a3bdf37dfd5130669d16fc45874e294904ee92edc867c447afa17b1b5b46b1606301ae5607ada879e2d774d436be7d7bd78e5efe92c2b172dcd5f137f40ea9ab56186d8de5683f916a733062243428aecfc84eae09870143acd58ce88290e4389681b43923b3cabfc223bb17435963117e62039eea247fe37a8b173dbf7103c3318464a0bd5181941c59dc67dce8815aa62b96b75dd2fa3ab84c76cb296da6194b0ac17162003fced64caccba9550a51e6d2a3a2113fc899b37f41547e7a5e4d95365043a6441f7692aba31d6e77ed81a9cc28f3c95cd97b78eff2dae9ef57d12ef699b1f434b7255dcf69bdb26f929b3e3b4a9b8f8030c9c5f14c1dd915b0018c7063e4143fdea4323232a37fd8568f0b5efd6a588cb468ecebf786a4489ed6f08aa4405bdf8d0ffa8a47b5b6e0d384bb8297fb79fef78385ff4f4728b1175e16a855db6d1b5067760871d0b29fe8c83c0e76f1484596948706fd3d3f1d9e345ad1981e9762bae517f5ec35c0c6c3e0aef5eb1a95facea8061f5af7965cea173d3a459da132183831b945fc3ede65ae60eb5d3153e341a7478f39da093abaa75a7d1c45bd0b51fd2094cd20c5ea44ff4a843ecc1f347dd7fa4d4356dc603451e6d41542c8b55a87164380b6d54c37e62eb9e4f044f99181e11f5d21959bcfbbb9663ab9b40c32713a173ffae4dd8dc410492bc7aa7a4e0f375146959a3db14abb8236ded020bc65933cab9cc6b4dc2e0309bbb3e34009e04d4ea0b3eb38e9956fbf2509471c807a9018642b43a8b97665c523f60cfe35660bc94b37ff1828a953754f135507ca78dac4f734c17f192e5b60e46632a137cd78f2b6417694708c762f8c744288bc33ab734c747b5866a312edcf50766baa6a969311378c723736e25d5be2b84e74a17f7ae391a613d8b1959c28d86052b4e51e32e149fae879bbc6de7942999384ac2a87e16e0e21d97a6f992b15ccce4efec2ad8d5fc1aa22db70febd527fe9f44ffbb55486b03f71a2b3fa72ff7748a8d5022d714037d91f697a835aa241d68dbddbbd872a1a16e675e7501d888cae46eabda0d259689ae6d8ced1ca8dc7da39145bd42cffea948fa81d6f24480ea8ca6fe4d4811a0714f27154534d61f802c6ac9be06c1f2bc8ca836188a2ee562098095a92f35e1aab89e86d0f87182ab42393256586fd9781b366d4ae10ce9385c1906a26d2c04a718095aecf44f896114579ffab963619cd137beb7399d4f106e1992fa309f0cd1a3f573dc73e2b3ff36b94f4ee48d8286006e2c98a58d5e1afc1faa0cec21c42cd71ef69fb6795f3b0ba3afd8003a3d9d3a0b5ca3dcfb18830280ba327b5107bac56245c07b7c27877b366f4bee34e16859ac1d15c09534d4e81fa5f56acfae39a46beed099814318f70ea8e5829b01e9d878054d7c4be95838dd53d15878054c4ce30f30395ca93eeab778f8ad1a843ad8a215cfd9de9b245a233619f3b09501ef6667c32a1fd0d692fd0b3659b56664f0b112b4943825b8984b7cbe901f1aafb8473e99c4256fa98a1c2108a8dd82ba86f9a2188c7219268c36ae47bfb113b48cc6ee91b7cf0ff4ffb54cd15b3998516af839f6a733848a00192c8a05f816ef362832b007ce0f1717171b193de4d997680a52c51bd4b296569676e301647f051096a68089dadddbc18acbf97f3939b6bfbcd404e51aa372b7e232db3d17a385a6026e546a2123a3463d38eff9c2078d24f79122b682e2e22e249fa15f67fc05dcc7d1f2d4ec191c1f0017542e8530ecc5bec4b15d1f866f6749f1d7f9214a898494e5ece1a6e421a3fa85d2e7395b23e3f2dda1e195288d2ed7e250cda934266890b201a501dc3b695ade8c625eb38d1c1ba50ef221935b63e220e34a5d33f85a875a485eb8558e937606553132c0881616bd40714df0541835f72e2e3f66312713e6bfc069efbcb8d2f3f117be5b5bae0e9ce1d638b99b9bfe0395e2fcabe7787f3d6eccc7b3b1f5c9d7324bf7b4a2986c41bddfed301898acc14a4e1e8e9136eeda4b379d80f4d088edce53dbdd9a3b7ee0888d73133af4c82c392683e051bf19a8c9546f7cb8c957dcec3e9eb475bd64b9a7f1ba3191bdd837688e0693aa8397d405046982199b7d72842ee1edfc740860767f3306163cc90c0475f3b1070bbb5d7b2bbc5a92121622f21237bf8594e138c1e8f92ae7a25e2c0024eff3218529b3581e091da3c39d22d185af128ed285a67296dad5c55a0e4f495b119858f80beb3e9036398b6a0cc7a27e4c460c7060d4d79447118d6be7475fcd377e0c6c2547f69c1a8bda0c902da549b2793fd43ce2c09d5c8e4ae0efece7a1acc0"}) io_uring_register$IORING_UNREGISTER_FILES(r3, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x6, 0x0, 0x0) tkill(r1, 0x7) wait4(r1, &(0x7f0000000040), 0x2, &(0x7f0000000080)) 10:48:57 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x5, &(0x7f0000001340)={[{@dots}]}) 10:48:58 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:58 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x80ffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:58 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x6, &(0x7f0000001340)={[{@dots}]}) 10:48:58 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xc003000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:58 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x20482, 0x0) read$usbmon(r4, &(0x7f0000000140)=""/195, 0xc3) ppoll(&(0x7f0000000040)=[{r0, 0x2400}, {r3, 0x2024}], 0x2, &(0x7f0000000080)={0x77359400}, &(0x7f00000000c0)={[0x1]}, 0x8) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:58 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:58 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x10\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:58 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x6, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:58 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x7, &(0x7f0000001340)={[{@dots}]}) 10:48:58 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x24) 10:48:58 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x8, &(0x7f0000001340)={[{@dots}]}) 10:48:58 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:58 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x37) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x484040) r4 = syz_open_dev$vcsu(&(0x7f0000000080), 0xd92, 0x0) close_range(r3, r4, 0x2) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:48:58 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0xa, &(0x7f0000001340)={[{@dots}]}) 10:48:58 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x300000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:59 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xc103000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:48:59 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:59 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, 0xfffffffffffffffd, 0x1, 0x0, 0x0, 0x80}, 0x40000) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000000c0), 0x10b702, 0x0) r4 = epoll_create(0xffff) r5 = inotify_init() io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, &(0x7f0000000140)={0x9, 0x0, &(0x7f0000000100)=[r4, 0xffffffffffffffff, r0, r5, r2]}, 0x5) 10:48:59 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0xb, &(0x7f0000001340)={[{@dots}]}) 10:48:59 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:59 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x11\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:48:59 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x500000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:59 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x18, &(0x7f0000001340)={[{@dots}]}) 10:48:59 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$AUDIT_GET_FEATURE(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x10, 0x3fb, 0x700, 0x70bd25, 0x25dfdbfc, "", ["", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4001}, 0x1) vmsplice(r0, &(0x7f0000000200)=[{&(0x7f00000001c0)="1deff4bc4bae744fdea7567b43b811ac658d530adee555defa9e26e5324fc4e1832ca2fa9e8d8b0f0cfadcfd99", 0x2d}], 0x1, 0xc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000700)=[{&(0x7f00000004c0)=""/46, 0x2e}, {&(0x7f0000000500)=""/106, 0x6a}, {&(0x7f0000000580)=""/235, 0xeb}, {&(0x7f0000000680)=""/47, 0x2f}, {&(0x7f00000006c0)=""/6, 0x6}], 0x5, 0x71, 0x0) r3 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r3, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xf, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000a00)=[{&(0x7f0000000780)=""/9, 0x9}, {&(0x7f00000007c0)=""/70, 0x46}, {&(0x7f0000000840)=""/215, 0xd7}, {&(0x7f0000000940)=""/186, 0xba}], 0x4, 0xd9f, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000240)=""/25, 0x19}, {&(0x7f0000000a40)=""/111, 0x6f}, {&(0x7f0000000ac0)=""/187, 0xbb}], 0x3, 0x0, 0x8001) r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) openat(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x4) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x6, 0x0, 0x0) tkill(0x0, 0x7) 10:48:59 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x8, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:59 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x600000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:48:59 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) ptrace$setregs(0xf, r1, 0x1, &(0x7f0000000040)="08d22066a42a09026299ffda21dd14750516762fb93a8f5cd1c1941693397e87fea206532b840638b4f83f6b3f5e3265fe4749c70137b7ad9b7279b2d97b12e05c000de883b99be714e63226e3a10006ccdafe7e5cef6166a4c386e073d62a69151f2d79a83514d91793708372dbe7862bd0e82d6e") io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:00 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xc203000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:49:00 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x26, &(0x7f0000001340)={[{@dots}]}) 10:49:00 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x12\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:49:00 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x700000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:00 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:00 executing program 0: ioctl$sock_netdev_private(0xffffffffffffffff, 0x89f8, &(0x7f00000001c0)="d255c69911068b1806560a951811f8c49988a64ceec087614495a0b4d6160f9106db077a43582574a425ac966337c214f90e9b648e57b9dd415e0ca59c91868958b7c1000d703d9ab0bb3e16edc5337efc8bda9eb9b855d8b581dea5622ee5af7beb50f95f7482f0f75cbe3dc682a2484fab862733eed09de36e63a52a17f413430d5a7c14bdbdba6ba3cf0c11405077f211161c9325f0951880a6c97198d1a3e2149f7f088d331b23a0d0b682f574f36d240a4f") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x1) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x40e5, &(0x7f00000000c0)={0x0, 0x0, 0x2}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f00003f5000/0x3000)=nil, 0x3000, 0x2000000, 0x13, r3, 0xafae6000) r4 = socket$nl_audit(0x10, 0x3, 0x9) fstat(r4, &(0x7f0000000140)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:00 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:00 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:00 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0xfe, &(0x7f0000001340)={[{@dots}]}) 10:49:00 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0xa, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:00 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x900000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:00 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x204, &(0x7f0000001340)={[{@dots}]}) 10:49:00 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xc303000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:49:00 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x03\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:49:00 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) preadv(r1, &(0x7f0000000200)=[{&(0x7f0000000040)=""/186, 0xba}, {&(0x7f0000000100)=""/17, 0x11}, {&(0x7f0000000140)=""/10, 0xa}, {&(0x7f0000000180)=""/76, 0x4c}], 0x4, 0x7, 0x9) mmap(&(0x7f00003b1000/0x2000)=nil, 0x2000, 0x800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r2 = gettid() r3 = io_uring_setup(0x20e1, &(0x7f00000002c0)) syz_open_dev$vcsa(&(0x7f0000000240), 0x4, 0x101000) ptrace$cont(0x20, 0x0, 0x0, 0x5) rt_sigqueueinfo(0x0, 0x10, &(0x7f0000000340)={0x0, 0x1, 0x5}) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r3, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x6, 0x0, 0x0) tkill(r2, 0x7) 10:49:00 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0xb, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:00 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xa00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:00 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x300, &(0x7f0000001340)={[{@dots}]}) 10:49:00 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) io_uring_register$IORING_REGISTER_EVENTFD(r3, 0x4, &(0x7f0000000040), 0x1) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:01 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x402, &(0x7f0000001340)={[{@dots}]}) 10:49:01 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xb00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:01 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0xc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:01 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000a, 0x13, r0, 0xfdc8d000) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'sit0\x00', 0x0}) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f00000000c0)={r2, 0x1, 0x6, @dev}, 0x10) r3 = gettid() r4 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r4, 0x3, 0x0, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, r5) io_uring_register$IORING_UNREGISTER_PERSONALITY(r4, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x6, 0x0, 0x0) tkill(r3, 0x7) 10:49:01 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x406, &(0x7f0000001340)={[{@dots}]}) [ 1029.877081][ T1036] ================================================================== [ 1029.885195][ T1036] BUG: KCSAN: data-race in d_delete / lookup_fast [ 1029.891622][ T1036] [ 1029.893957][ T1036] write to 0xffff888138d0f900 of 4 bytes by task 13755 on cpu 1: [ 1029.901681][ T1036] d_delete+0x6e/0xe0 [ 1029.905679][ T1036] vfs_unlink+0x3d8/0x400 [ 1029.910017][ T1036] do_unlinkat+0x238/0x4f0 [ 1029.914453][ T1036] __x64_sys_unlink+0x2c/0x30 [ 1029.919136][ T1036] do_syscall_64+0x3d/0x90 [ 1029.923562][ T1036] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1029.929468][ T1036] [ 1029.931789][ T1036] read to 0xffff888138d0f900 of 4 bytes by task 1036 on cpu 0: [ 1029.939325][ T1036] lookup_fast+0x15f/0x350 [ 1029.943757][ T1036] walk_component+0x5c/0x350 [ 1029.948357][ T1036] path_lookupat+0x12d/0x570 [ 1029.952960][ T1036] filename_lookup+0xff/0x390 [ 1029.957644][ T1036] user_path_at_empty+0x3b/0x50 [ 1029.962504][ T1036] do_readlinkat+0x87/0x200 [ 1029.967011][ T1036] __x64_sys_readlink+0x43/0x50 [ 1029.971868][ T1036] do_syscall_64+0x3d/0x90 [ 1029.976297][ T1036] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1029.982205][ T1036] [ 1029.984529][ T1036] value changed: 0x00600108 -> 0x00008008 [ 1029.990250][ T1036] [ 1029.992587][ T1036] Reported by Kernel Concurrency Sanitizer on: [ 1029.998724][ T1036] CPU: 0 PID: 1036 Comm: systemd-udevd Not tainted 5.13.0-syzkaller #0 [ 1030.006965][ T1036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1030.017027][ T1036] ================================================================== 10:49:01 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xc403000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:49:01 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xc00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:01 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x480, &(0x7f0000001340)={[{@dots}]}) 10:49:01 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0xd, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:01 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x3dd7, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) write$P9_RREADDIR(r0, &(0x7f0000000040)={0x87, 0x29, 0x1, {0x6, [{{0x6d581ed962eb92d7, 0x0, 0x5}, 0x5, 0x0, 0x7, './file0'}, {{0x4, 0x3, 0x2}, 0x0, 0x7f, 0x7, './file0'}, {{0x20, 0x3}, 0x4, 0x6, 0x7, './file0'}, {{0x4, 0x0, 0x8}, 0x8, 0x20, 0x7, './file0'}]}}, 0x87) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:01 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x05\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:49:01 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800002, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000040)=[r0], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:01 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xd00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:01 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x500, &(0x7f0000001340)={[{@dots}]}) 10:49:01 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0xe, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:01 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x20000, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0xa2) r3 = syz_io_uring_setup(0x3550, &(0x7f0000000100)={0x0, 0x6b4e, 0x20, 0x10001, 0x332, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000523000/0x1000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) io_uring_setup(0x3963, &(0x7f0000000200)={0x0, 0x5aca, 0x8, 0x1, 0xd8, 0x0, r3}) tkill(r1, 0x7) 10:49:02 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xe00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:02 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xc503000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:49:02 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x16}) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:02 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x52d, &(0x7f0000001340)={[{@dots}]}) 10:49:02 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x06\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:49:02 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:02 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x10, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:02 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x600, &(0x7f0000001340)={[{@dots}]}) 10:49:02 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x800000}) r3 = fspick(r0, &(0x7f0000001500)='./file0\x00', 0x1) fcntl$setown(r3, 0x8, r1) readv(r2, &(0x7f0000001480)=[{&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000000040)=""/10, 0xa}, {&(0x7f0000000080)=""/104, 0x68}, {&(0x7f0000000100)=""/246, 0xf6}, {&(0x7f0000000200)=""/64, 0x40}, {&(0x7f0000001340)=""/84, 0x54}, {&(0x7f00000013c0)=""/181, 0xb5}, {&(0x7f0000000240)=""/40, 0x28}], 0x8) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:02 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:02 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x11, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:02 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x604, &(0x7f0000001340)={[{@dots}]}) 10:49:02 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:03 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xc603000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:49:03 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x12, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:03 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$BTRFS_IOC_GET_DEV_STATS(r3, 0xc4089434, &(0x7f0000000340)={0x0, 0x80, 0x0, [0x0, 0x8, 0xffff, 0x400, 0x2], [0x1, 0x1, 0x669, 0x5, 0x9, 0x4, 0x3, 0x1, 0x5, 0x3ee, 0x40, 0x8, 0x7fff, 0x3f, 0x5, 0x200, 0x2, 0x1, 0x8000, 0x6, 0x100000000, 0x10001, 0x7fffffff, 0x3ff, 0x101, 0x9, 0x29, 0xc0, 0x800, 0x7, 0xffffffffffffff0e, 0xff, 0xae8, 0x7ff, 0x0, 0x5163, 0x1000, 0xb41, 0x0, 0x2, 0x80000001, 0x8000, 0x9, 0x0, 0x80, 0x5, 0xa77, 0x401, 0x1, 0x7, 0x20400000000, 0x5, 0x20, 0x80, 0x8, 0x200, 0x81, 0xa6, 0x5e, 0x9, 0x4, 0x3b6, 0x48b4, 0xffffffffffffff69, 0x80000001, 0xc3d2, 0x2, 0x8, 0x9, 0x1f, 0x2, 0x32, 0x81, 0xffffffffffffff80, 0x3, 0xfffffffffffffff7, 0x5, 0x9, 0x100000000, 0x2, 0x6baf7e9e, 0x2451, 0x6, 0x7, 0x5, 0x8, 0x20, 0x8, 0x100, 0xffffffffffffff2f, 0x3ff, 0x2, 0x9, 0x4, 0x2, 0x9, 0x5, 0x3, 0x7f, 0x4, 0xfffffffffffffffe, 0x2, 0x800, 0x31704fcc, 0x8000, 0xffffffff, 0x0, 0x2, 0x1, 0x200, 0x3f, 0x9, 0x8000, 0x3, 0x3, 0xffffffffffffffff, 0x4, 0x7fffffff, 0x7, 0x3, 0xcd]}) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) r4 = syz_open_procfs(r1, &(0x7f0000000040)='net/psched\x00') ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000080)) tkill(r1, 0x7) 10:49:03 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\a\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:49:03 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x700, &(0x7f0000001340)={[{@dots}]}) 10:49:03 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1c00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:03 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0xa00, &(0x7f0000001340)={[{@dots}]}) 10:49:03 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2600000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:03 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x1c, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:03 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0xb00, &(0x7f0000001340)={[{@dots}]}) 10:49:03 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2700000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:03 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\t\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:49:04 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xc703000000000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:49:04 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x70) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) r3 = getgid() r4 = getpgrp(r1) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r6 = openat$cgroup_freezer_state(r0, &(0x7f0000003640), 0x2, 0x0) r7 = openat$rtc(0xffffffffffffff9c, &(0x7f0000003680), 0x101080, 0x0) r8 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_READV=@pass_iovec={0x1, 0x5, 0x6000, @fd_index=0x6, 0x401, &(0x7f0000000200)=[{&(0x7f0000000100)=""/16, 0x10}, {&(0x7f0000000400)=""/160, 0xa0}, {&(0x7f00000004c0)=""/166, 0xa6}], 0x3, 0xe}, 0x5) preadv(r8, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r9 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004a40)=[{&(0x7f0000000040)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000340)=[{&(0x7f00000000c0)="05937b6c2fae66f1e85b5415fa14fd4bbba6da", 0x13}, {&(0x7f0000000100)}, {&(0x7f0000000140)="940234823a60358f5b99c6155fdaa12e8b300943a521c9c3f2e539ff5989076149611239b4453c7375b2d6a06af7809cd5be49811b13106eb19be4f210e10ba1bc6fbe75ccd39635116808c69f7d46510a8c595db11f992c01298fe78e40432695ef72b70c073dc8c3755ba1ff52cee8a8867f7683b6e1f8048538ee67e2e72c39b7573a2a58ce11abb157d39e3e87f21e", 0x91}, {&(0x7f0000000380)="763202135e7fd17044c06005e2a2a1d05ad694b07cb7f31928712b374e26c9e5c77026ec3bb141fa0a5b6d2cdcd1f64d28f96c406efcef8494524c1b08b7f1146fb7e887864845223f417dec24fdb7b0ee1427eff11fc52175602aff81d821f133fb24cf5ca80b0c44", 0x69}], 0x4, &(0x7f0000002b00)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r1, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r2, @ANYBLOB="0000000018000000000000000100000001000000e38b070e3a71c012870b27a71bfdebebb753625c2facb87722411409551286768539d2476be264db186a4d8d10a404af1511a7d7b68cb3fbdb08b75cf9e85f2c56dfac4a6dfc6b366aeb2adc871c35afde4fedf884e05400001f1dfdcfd2d0ccbf64c3065455dac2b1fcfc8c8b955a2ac0cf1f6633a403ac1fdc61", @ANYRES32=r2, @ANYRES32, @ANYBLOB="1c000000000000000100000001000000", @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r0, @ANYRES32], 0x88, 0x4}, {&(0x7f0000000640)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f00000009c0)=[{&(0x7f00000006c0)="f3ccba3a326cfff90e885d899df7182b1b1136aa66b9c7b6b4aa0a26ad8968af5945590a3c4eb7655b612654fd89332e1db1d50ef50a06e587a7cafa7e46d019854291059988c9a6eb32cc2aa7123a4175427256df6bc74b9f08772f6a485bc8d45ed13e1ba8ef7bacf8476d351f8833af13f62acc0fc04f7b67d16fb5d8cf702d7db98e718d6d7412eacae02b7f582eb8a67d9d3cbabfd33cf54457d41d4ea76daead27f16e8601d25945ac30524b8a384c2161f0684ebe9e5fee80572e8bfc2a0dac58f1c25cbd9b41c7e52e6007fa5de5b7360f6d6eccfd1b21396b6ec1c82f0d", 0xe2}, {&(0x7f00000007c0)="7ee85ab7e231b10ad2f674f01705b11147fd19b44f929fdfcba252c4d17e22e14821e715d66bbe21252b333cd1d696dede428ffdd7c7f3ccdbfda39281750788505a519c2cb3b5b719723b1cf647eb0d207d184fa58d14ea7780fc2157000e1a7fc81b87f41193122f6a4a04b268c6a916241d92af75e9cc1e31e6c8aa80d7c5421e45c43a96c47c5fdd7144d898ec46f681dec170b46d7de2cead42fe07fc6aab76e6bc9912d99ca8775debce1fcda9c5b057b8b1349d1ef9afe61d5ebeb7d83d032ea276974d95cfc2fa651ee714ee39fed2a8a7e9a2", 0xd7}, {&(0x7f00000008c0)="64e8f9906c5ba781f42dd64e5612e356ef50eba236595d7ee2440f7c1568d2f98de28f319f2b023ce70a850d233eb120af37b12dfe6c092769b40fd8189b451e324929a6620ef0fc042d7b7637d687247615412c20e61e74b80f663d8d343fe39f36c360e87974ab6dcdf5882f579a9d6f5bb43f98fcf4e43364130a057cb27992e297826e5c4ba81a5a32e34e1d0630f9b4ef5e237bead71accf9824c1662115d17beec9a32a81032a5f03913e0e44a4cf7ff55e7918cf9d3f0cf61444de50e36b79de3d43afd5bdc40e7c4b2f7b111eb5f180dfc", 0xd5}], 0x3, &(0x7f0000000b00)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r1, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r1, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="005800000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32, @ANYRES32, @ANYRES32=0xee01, @ANYBLOB="0000000034000000000000000100000001000000", @ANYRES32, @ANYRES32=r9, @ANYRES32, @ANYRES32=r0, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0xd0, 0x800}, {&(0x7f0000000c00)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f00000011c0)=[{&(0x7f0000000c80)="035a4f4a93d176651d3bce825107251da3a12a0fe952b5a2d086e722bca7f56501b077c2f6eaa0f2473879cf48dd7eedb71043de472058b0c05283a98632a4ec7f63c928597a5ba59364b3340b7f0b1cdfa0c50d2e374d2540e3198ad133c9cd5a93cd20a2e85c40992bc77c", 0x6c}, {&(0x7f0000000d00)="1159deb8e4ae46a4de8cc8d2b23877bf6ecc6b395d7ff4f86cdac681e7221eee2d7722d6ec3bc5ecfbc64443de97653078d022dc6c95f05b4e7673cafbc47eadc06da14f9b506371ba4fe0182ba89eed880e66736d3b1f5e9b45f570f17ff87ae2cfc7c50d1e54ce10dace9df6b3950e8eb1f9b8d08b1be7354b525966f15285d5df9d5ca7a18a305a696f15c1184ef8ad265ac0c309bb551d3544b404da", 0x9e}, {&(0x7f0000000dc0)="73ce11a8fcd6b20ef71153cda52dd78276906a56072aeeccaefcbdf9c8be0c16789bb6a32ab79005f119c741ac", 0x2d}, {&(0x7f0000000e00)="41b98557e38b271476b94ec6abd9dfa99d7be00bf903340c432ee9e6615e4cb9e5d24f69dfb32fb4e9f674d33fdc277f2e652ca0b419edd100f59d3a1de57830c2c8c841e213a1ed5162d4b036ffe4fc198608ffc005b3", 0x57}, {&(0x7f0000000e80)="2ce9d8bff14fbdf949eba95e0be3e1df0b782f19fdadf2d0d4fb3bd39bdf744a7cb7d088cfe32c18d6344f03599daa0f773e4a1cf344d143ce57a1454b5357177a2ce6c300dc8708c6eb511a6e3e16092e636a3e4797cd46389e52ea428b271659d78b54085217aa778ea2cb5cbcd711c2363461ed07c4e5deadbfa8879e8ea4cf4dee032af52a11b54800d5f1", 0x8d}, {&(0x7f0000000f40)="e71ec00361aff5ae28ca44f6fd2010fe6d65a41f3c3dea6d6cbef491c00de5b1f67e6c5bc297f99a503f73cc75202dff5302dbd346e303ecc673dc6f69524812b03aee877cf05b0fe139bb9456003bd118307a3441282fa627228b550b35097ac4e6179cd3304106a710613ac36140d50b5be3daeb645fe2af617a1baa465b19c23768e3dcd0f082077723f6834cc7fa69dcabf9e75741c0f177e49813340b3bc7169c6e9a29c1e4fc847bf4e1e6667cc2afb6098bbfaf0aa14e4b99b12519d9fe9d4bd4f177ff5ef401b13d1635835ae8c6c89bb617baaab2cd8fad38b9fff2111d56391475f46745c8f11386ac9cef3d6bd422", 0xf4}, {&(0x7f0000001040)="385219cc1d43cc93ff964f4669e5f9bdef1fd49ccee5cc747feb9ab4cf9212a8ae7eb3e52b2b49726a645fb729f41cda47140e4924ec297dfb720fcc6409e8f2ba5e59fbc9e9aa64e1032d772500bab11595c24a8e7d60649bdf5668c50af281c566e964a96105fdf8cbe0ee874a", 0x6e}, {&(0x7f00000010c0)="4952da1c5bfd4fd1bc70845bf315eac75d8a9b894f3a1b8e9cb734c28488df3feea865af27ee7544ff2396b59dc2a23febe62b52ab6d423bcea9b9d37815bd6e60a591d1691429a876e5fc159f5df18a25df971ce133483a2cf8af9a06a446b80a6153ff9017b345c2d65c3c23ae7148499d5fbc20f7148fd218e0c648a8e88ea5eea12a8dad047ca9e1a6261c408eca9c95cc4bb130bc142e8788c866bb403d8ff35f17709be30e2c7c1246456d0183db70ee0b0dfbd6a3e256d9fb666059e14dd19d28b6535fcc41f0b3c07c0bc652d5b6d9a5e0c33b4032a770ba6bceced0671d01826778", 0xe6}], 0x8, &(0x7f0000001240)=[@rights={{0x18, 0x1, 0x1, [r0, r0]}}], 0x18, 0x14000800}, {&(0x7f0000001280)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001800)=[{&(0x7f0000001300)="30a53ee39a2941ae464f28cc46f3ecb03a06d15710a97c3a6e91788a7ba68775a5b3ca17ce026f", 0x27}, {&(0x7f0000001340)="eeaa13a6f8d28479a67a8153e63f5a6b49defafba8bce490ebfb9d07738fee8f8e81d045e063999a871a5b7e220853950fd39aff6687f51a857dfe45ec30757d2bba390c133078c06c94e308e8f17e6c7e12c71e8a69d9068a86b55f98e8cb92454f414fde248b4f1789ae3117ac7ec3e491138816c6e18bdb8d113d8974e1", 0x7f}, {&(0x7f00000013c0)="03be45cbf5858cad04419156bf69abf18f13200a0baedd7ed6e1b54570ea9829c73670730c1bc7c95f527db378ab06ca5ab6da0620e9333a454efa77e583755b169bd81beb3afa647d08a8de40e76f70ed", 0x51}, {&(0x7f0000001440)="205d75d60bab3ddc68c91699f3479f7c3b3eee62cfc4a73c21551c8cd52fe5a60e94029a40ba0e5e3d9b089d8b35579d0a68fe59952f670be07ce7b3b40627be386ddd50db8650df0a3b5ad028b4c08e05366b08569a56444c5e13ea74e530a7c1243510699699b1a40acad25723dea5759e7f34a4edba31309814e057fbae531c5fecbf40504b23c02725518adddbf8c97f975bf0ca88415fb08e5bee9e40694a6ae6336be17952d976737f97b7", 0xae}, {&(0x7f0000001500)="43dfda1e29f0cf37b807b375b2308d1593e549cefb562028d749713a38fcafb0f950070b84e531ee5291be4508c43b0fa2e7137a900e91e1ff33cf3015f6179614494babe13209a46296bca1849c5cf75b28067178df4cc196c06bd64d35fefbf1fb9d8c5e0a091d587dd615ff0ef252f218944393ffe76ec9c5d6f8a4fdb50d2b958402b80a438e30ccaab8b601bdfba0ff3a8ef484b3c581d7b128b4a7d14de34d401a4d8abb3d7a3a86955edbf033431a053198499d94742b5add60966aae937b46bae6d007421d944678df998459", 0xd0}, {&(0x7f0000001600)="3614eee0b01e43278650cd33cdc2d96d12278fa58f0906204d3399bf89b57b3563645976d0ed315ea1cf02da03d28442b28eeacde7e84a0d7efd3fc4e855c0dd200a5a654d627241c089e2a94e82", 0x4e}, {&(0x7f0000001680)="b7edd48da7e91190c4a1d5b63a800666a46db1c434a1d20d242d4f8a262b9545923c8c55c691465746dcd8a271a25b89345514b41bb39a7be65092e183092d4703cf9eb56c88507ef75741add870d27f42", 0x51}, {&(0x7f0000001700)="b581450c86731b0d1abc78e6c14677937593208cd2aa1e9f4166dbd3fc30efc6048be34691d2ecf8f5047c4337d2c59a34f1c48d4562c82fc3b959eb5729f28553132ece34da172f22a6eac9d9d46bf2b001018ac307a4feb02ebb00c9450ea34bba1f7bcf7ca4ed579a4b7d9e20ce5d98d2f72dae0f05a1ab13b4f463069ae1eada2ed50dc19ff6f4bdd1cfbaa8a6d5e4d7a644d176c4fe39e3eed84b3f8fd7b2bba1315da3b462688a65cada3c8afe6142ca3c6edcff083a4268199ddaadfcb2f874ee6bbc6b554e9671d0efe5cc61528f90714e8d78b9715a9777bfe41503c84628fe2615ac1b824cc08479048dccbccf294c", 0xf4}], 0x8, 0x0, 0x0, 0x4890}, {&(0x7f0000001880)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000002ac0)=[{&(0x7f0000001900)="c182bdf52d3608f4522877c744c43682ea4033e98d11bc0505d4525dc02d67e2edc94820fb76f52283935c5ba0c811c3445eb92b6046b8f661474a0229292edd272d0947b6e97dc9c14335b886faa5877915d0943530740b0cd33e6ff673d67d8d7745ec92283f0251e6503449fbacd5805ce9eeeb2d027f1e43141b706f8db1fdf5e310f9ef6919573d1a003eb507da3c2458797f9dd4a85382ac6bf83381cbe2fcf519b6c17ab8bbeca94189c91b09a2aac1e2a85590a9426ab702d246a7882b4621d083f9d62a66b6b993b1306074", 0xd0}, {&(0x7f0000001a00)="3eb40c25618cccfe4ed6c4263debfe02db5f6dcbdedf51ef3ffd8fb22f55c3e84e8f1e8f1672b19f5f106e882a505d42bb044720c31538c6705881eb7a1f4ca9e98b72c94581a8ee080e", 0x4a}, {&(0x7f0000001a80)="5b8db2d54416461219baf006f73c14b774cf4d514e4379c4c03900e4ab1ebf6904f13629fedf895c7256fdcc4735afa1f83547c5bf9daac44154b9c8d812cc4fa619573770082da5fad2d7ca533c05a869856d4969d56012c7ec1b41f8d7410e9daf20a248d6852b71a397284a3fa368c82c1889fac3c93e8449ed1c01c8790e7f3bd5863580661ab6f6ce668b7403fd6fcf548f64335f9a8718857c39b7772a0f4355d5979db8964323549131a8536927213adea252b47fd03b9a913af502d63926ca2d2c8c5865f0637eb9ef0822caf24d668c4129470769ddb3320a39fe8e2e5efe2bb7a8bb69c46f6398d3ffd94595a6abd92dd5360690778b5600c9d079f2d9be03810231ad5b857034310cc320bf760fff96c98f4a9fe676bf2f43e8891d9a951a2977e09dbd3638dea8349967713ff016a55544fdee40dc719495067124b62a74fcc791fdecb81bfe8c0e95b690da02e4482c0e337a4d2f98f8ba1ff272b1a668c05ff7e3a62347bb090a9b856d57db80e900cde773bca5c151791cca95d274ce73788d8a82b9027316a750f22450d00ab7a98b73edf566c4da61f19175b5bce6b8a435b180d74dcf77e58df887f8324002991cd7da583fc500bf59515e0a3134ce0c6c0bbceb3cd94641d03efb919f4acb0135abe79ccf77ed71d305c6e7671c4ebbe203f4121e3cfb2643a039f040a6804751fed47c7236de7b87048bb6762fd203009cbc4a0b3c87613ef80a3d187210a664be7959d347f9584aae1ec2526e6c61a86f9b8e26734ee1733d4c05e92539b88e534e5c95494d305ee9c4b4fbf45dc6195a36b5b034f3800f26becda0b6e7c60d13a5dbc1299a9721f04343b047fb8f3e28ed6a5327d40c7194c1bf03f4ac3a24b81ca608f2d9c8739f77a380da60725c3f3d7088edf6011a1500dc98336b1e3dcedf3b82da86e3f6f70c7b874012e44e8646c4bfb901df0a5b16e2fe26bc18b7fd9d9c1845a6b8f42aa7a79a7a1788c58e7a72818a04a427227e77942cf7984bf155a9083ea2bf4f4f7ad017d5cb311beca2b5035aecf16e43d41b77cb50ad566a1b798e58f4735152e38ec5d74439de9522280da3de32e4ae26c59519828782d1d857db45318937771fd56a45ff690c5421f813c34f1c223cfc844f9398b468114c4ec030ad4c70a19b4b30a0cdf52253c2b2f469492775f390708d29ca94cca9d1c10bb1fec3f902007cd122b9197368991610f3365db8e067524346118bd9de0e6429836abc958f2f57d92c6c8dd8e1ee5585b0267330e5df67ba262fa46f4b7f1ae21d82fd723ecc2a5195fbfd1c2987fa390fe91c9a87d20f60d06d2117c8d3765db77320d27d0dbd4bbf85b3fb5d21e4572250423d61828328847ae46f384a2033d203216fbcf4f24508a58522cdaa571c1fe5f3b274a04adace7e56a409e2087adebcdd82e4f891012f70865ed7416948063e816bd84a15cfc8716010b9ee62ee0e62378443b957f96425ee933ebc1530228702c83308bf1f36473514f3f1f17000342321e92463a19d4f7ab75d246b8bbc57f0eca991dcf1b1e81ff3f6cf34e8d3e4d02c00aa069f602dca3188f3ddfd92123cbc034018efe2c91dd8edc16c5e094c800cd6a2b9c1afa8bafa746c34d87864defae294187c13e4fae0273d839fd2e0845cf49ada5c18ec48fea501304ed59d9223310c6de1395b0811c2054924d3a60a0ddecb82575b5fac490533279d31c4e5b5943c10b1f7f9a96b180329d731ebc4e1b505035d88f6d724ada9d30e2ad31e376f998d26b127e25302082d32a302dceabeef278bedb3cdddebcea1c27bbdc73998c6f7b7bd472784fb735aaeefbe33ac1380e58fe75036ef8a2b6fecf3b38a5902ba4e84f1fc70dfe8e8c553d3e2d75242032094ea676322b6a9f54b5cf1a366f5059b2ef24ba5e4d3d6b3c37f30a842d03857b336eac6b5161fddd8c706c87f52c53f2022e7b09b0adfce232f1c4ab4dbd8aa5eef4bd572f9e6d52fad256fbd085bf14d596410cb46c32d6585c4d57f962dc5b94a08064ea2d932ece8fa5578ec65270326acb8f2d0660ce14d99969524aedd8f9b53cf71aad8153d5b315eeb74310ec868e6388a586a5daa08ee5974e4eb163c1e84d18a5a6d89dafda41ba9c01cbf298d2d6623a4c88bf09027465c039aea2222af430cdbfd413c1bbf9d64bccd4ff7f80ecb96b1612b59369c8f44465511b63c714384a5e0ca7cff31fc942e97a9690accc06f39ab5e42f01523464ef5ff5729761f3e8a4005e438c6944bf28ddeef12410c6c04bf23d3083a73875f8607cb9f79a97c263c1fb901019c818de5081f2497fa7fa4780dec3bfe8a0b39aabfa446107bee581f10f1aa31e57dbd9af8e0a52560c864ea57d564d14659e26bfd8f9cd41b6df0b14eeabc76b17f11721f77a16afcfd1dd7c206d0b9265623f3058831f0de41e6ae649ff48a559ad53c9dbf58b92bbd3316371f89db3d358d2ef2bd7122e1adf78d42d50fe6e83c09fd6829211864f8c8dd0d5bba82000f449b78d716d52c0c24d417618e234b7769707c247e2ac00511242115e325cc7b2f3f25ab56a457d1cad9fe5d1e1c512481560709afe6dd5b88ceb7fb67c313b19a31f5315fe1f06e190db988150e4c92dfdb1bb17e0cca2146b772a8e715b1533a1918cba3e01ff73aa6819f91cf730c4d563ec412c6fda5ef81eb0e7834adb0017275ef6f5b8685ab1365019fc5588cc5882eb1a0b7f063d71d72e3d381832881dd2ee348084717725a36b4c707383c5e7d9af0da41b9ef44a475ce1a65b981b768255561681f121cfbb0890c9938781b63142770e18be821b5d193bc3e3e30737f9b8d0b2d2b25a40846e445f99946907f7b4c2281ee277124f2c89ae4657f69cfb6b332286607d1fbcaf65510fbed756b9f9e84cfc8fc7331b664fa24b86f25460017774d9c6bde27617c47411041ac3d088d918f2eaf3b2783064b7890360f9793258d817137c911a8b59f826dd3ce5a5b825fc6059436a4fd4ab05c6b4f2dcafd3d60c118a51e88f48d6884796e218a1110da6e77d05865ffb83b2113b9625f0d7b36554aa285b9feea4074c9dc48aadc7fbb30cac03009555516c20ca681c5df5828bff57aa4dc02abaa67cc76b55fcd412455754bd6952d3fee3b8e97c36548396983bddf2b635d76cfb7e64667c0884aec5ce8c38b2ae8ec8796a47222db075a38ebd0e30732a67cc5a1bbfcca6b6040b26bf69010fbddaab58c527bb18e0e17203defded9bf0faf3f4c6377f18947581d2e2584df94019baf7c671ee17af4d08f6211aeaad7d1aaef4fbf8dacc30658d0a20bcf811647eb5885779e6f9ffb79b0733d253c7dfd93ec34b49a3378c1b53ef2793a15d66c6337a092b16f473172588bd229694d058b6dfbd3d4c0a9ee7b6821c72aca3f9dd7b33400a8ad463568b5313f41a957c31ed48d4595106a68bd6114b0d2713db566ae5326640e3ddc3b61ac9fe3cdea926b636255eb829d765d64f2e03b321685e9c05bbb078fce2b7021434daff15834be0e6148dcee022a5bff6729ad611772d6ab7c68e8b9ddaff8a673e193d7f12b88b1e02369fa518ca711284fa7017a1679fe48ca3cdaf84ea949f98268ea46afa4b2eec9b0f94c7ee859d92d34824e8e2a14f8ce1be017dea8c13d414280901d0e34e8f48381f5a264b11a4b32637c6b8de82e7f320d47501185fcc8afd7c8fa8de4f2cb081eeaeb1dfb9f9aae4a2f46977852b31e6aea2cf3dda5fa4b35e0ccc274328d081d0ee6b6412087455a1fb200b0256bf91bc0c066c9048ca6512cbce419c475ade6b5d4c7f7e4e17a682d5d0e9665c3542ca490f63ed34c7ae31af254e81b27f5be69bf3b016741d588cb3442c7cfb282b67fdbd71f7d98fec326a4ed6d3ac9dd91a1df05df9914a615f11170df221baa3cfc7d61b04a09af675f02b24b7559b093955d6b287033119d2d47424bbe86a52ed9aab46706a2f3830326c0e1cbbe7f9ca73973ffbe4559fe18869ee041858c154285e76c17b95998e0c55de1fb3f35db6862cb05a901cd6c687ca5a5d85a175e884fda5081fe536409f9302fa42a499e6e88037d7c8cd8abb473b019366d7d962c020b5beb7d746e59df85e3dccaa5a7b14349220329d9df377b7c3edb516f8311df751952cf321d2ccaa14f70b217bd21189009d4d30ebc9917156a9063e44ce12f853a34091ef865c14a434afff6cdee59cee8b80d6250507e29f47bcd963cf0dc17c7d490aa238e57a13e9ba3722ca4fb44f8e7a7623e61fd58226ee37723c70994371edabefed80fe5fd24b82b15a4b9df75611c7bec1cc5b00671d967ed70d1be18c75400fb2f98aba4a0a90942a5370ea74841d50a08ece71c9cd24e4ec7185bb74d6e37b232d795ff281d748e409d854e95c41a700ab671da49e3f8128b60083fe63dd8be98f02e85c8425569ea3061029f2900ce7b83f778f9e10442ed18d2fdffe4771e5a59269ee2e767c914155be4881f00c2fc83f37db1f7aabc865a04866345aa69fd45b064335ed26425769190658532af88bab2d0cfa2bf5f0d339e8cd183aad6b726fc07359881cf38ff2a24d5e3544d3efd399df7696ae1f9e23774e20443421d13f25c8283eba522a61e374e1aebcad68e07c6aa95be32ec0ac548848ef98efb46161c971bc92df88e0178189943eb5ce7a64ac079e4cfa59af8b2c1dc0095df70aecc2d6797d1acabd325599dddcb3072607a562360881e7c568b3f4605fbaef65a21e67964f02dcdf7f4cbf48328c3a3b7b71bd25a700ca14ecf58452b7972bc01e633f9768e6ff7897972f8da0506da3bec0c6d712f139f9767a592ad03f43b64c237797eac7c6117904258e290a4f93967246ffda94ffc81739ee1b7e1885a65eebde7d3131f525fae8730b212e6a2ea89bf4bbd5bb400c6128fb8ea3ca8b8e957fa19412ee811b01b19a92f5f4a683f3275b32eaed1435a15a14951ad2cc4e115689c101c2443043a9ebce47abe9a51ceadf106fd8598c070068137179477de7779c252e04b7c139a1c934a92a610b0a67f7c67ab5c7dc936823692a8aca62af04ab747d3297483b0bf232d501309652999c4a388adc373a7b604c16c23d1b1fc1dc94f048462753d33a28566f90618c8045d9d2bf9c20416cf8af25c38a8a0dc6f46e8fe2aeb16b0ecd332483f23c373c09ae7e65f2e0f51ce73f40a9eb17fdb9615b017662246dfa97b9cb5f0db58019586c745c4d81865fe790b156739f9628599fe3d46d54b1738b852c198f934aed2b6fa5f74279145ec60ef4a021428b3cc15b4a88b1503663c8f8665bfa031e338fe5b2f46ba0eb0ff90c88ab97007221adc7c43c32d28e335a20c4d312041930d1259977629c9687f4826e1c06fff852d80562c73162825f63931bfd24747ad1a39216013ea09e51ec76a02b8a218e63f014c9faa86a19e19d784d0a6e6442259b49841b560e866b403664b640665e7ad846ac62ecbfbc2c1a2ce97fa2a985b92dcfc3c0f4aabf9cc2c3081ac1023b0e4ce8b95bafb3b1cb012764e43def2615554168e99229dd88cec6811b8edeff0da586c9392335468efab3f247dff2bd6fff69ecf93bdad8626ae774bab4afd3e7bfa76f513bccce45982a2ceb81ef11435df090bde95a4a45d6432c47e9ae068a848446a56fea0043ec765f5253d0034203d44c747237da9f8e9927aa12463695db7abd8905e4a5109e2206c83f3d72c921786cc4045a0c6c4ec8494a7960fff7ae12678e9d6d85198325a0c83abf8bed0eadb0a", 0x1000}, {&(0x7f0000002a80)="b8dde076da78bc9f42c65c670a72c406228e4d27b46bf8d58e996eaf1ee3049c43e76b84b19487fbac", 0x29}], 0x4, &(0x7f0000002c40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r1, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r2, @ANYRES32, @ANYRES32=r2, @ANYBLOB="1c0000000000000001000000020000006ecdfddd0957bc5fa77c184a376c11085501c8372b7220a908e2cd9a969748f1a24a480edfdcab", @ANYRES32=r1, @ANYRES32=0xee01, @ANYRES32=0xee01, @ANYBLOB="0000000120004992ecd8581211ff0300002800000100a41b6507c598e524d5948121a98b6913b9c66df8b7f50eb9921e86a5b75e6b8b7fcac1a7e91f0a704223dc82cc963da51758722fbb7eae62e12375e08d41d4ff34f6d6a14e23d7078c9205e401dc9965fbf6af1da85b5e8a6cc10cb793126c4cd676a91ae94e0004000011a4c69bdb1ed071854b80dd8ac74ca928859902a35dd1515746f59f9a6c8154508064174738bdb428a82d3a749a64056d2725e4a5af0000ef00"/209, @ANYRES32=r0, @ANYRES32, @ANYRES32=r2, @ANYRES32, @ANYBLOB="34000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="0000000034000000000000000100000001000000", @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32, @ANYRES32, @ANYRES32=r2, @ANYRES32=r2, @ANYBLOB="000000001000000000000000010000000100000018000000000000000100000001000000", @ANYRES32=r0, @ANYRES32], 0x150, 0x40008000}, {&(0x7f0000002fc0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000003100)=[{&(0x7f0000003040)="b88156479a801457c4b7af31748fbd6d3a6808c766215a01cb08840b9cc507d4d1d513ab02dc29843d2862fb44c2ff3c1e3003ab5a06d29e2425050d0006862d20e19efd19bf8d700d53898d5acf7138396b7fdb2830286186ad151d975c897963b1ed4da00e17f2970bc7177b3c577b67a4dcb884cd29dcbd7a2b61445e63aef9086a1172e42b", 0x87}], 0x1, &(0x7f0000002e80)=ANY=[@ANYBLOB="14000000000000000100000001000000fd2ff6d1a0fb8f4e8e4b46132abb2e5c92f791b87e9040bfc60990ac403c4fe0c276a9c5301edbb973f0ad9b58b2f5059138fe274fcaffc263cc07cccefaa25119f685d00b5d337740cd29a1a4701134657b8d30a4ac2de1290be39f", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32, @ANYRES32=r3, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r4, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32=r5, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r2, @ANYRES32=r6, @ANYRES32=r7, @ANYBLOB="1c000000000000000100000001000000", @ANYRES32=r8, @ANYRES32=r2, @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00'], 0xd8, 0x18050}, {&(0x7f00000037c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000004a00)=[{&(0x7f0000003840)="2a98c5774934835bf9f4ed425a48ab455027ed6ce690dedad521f350692da21a", 0x20}, {&(0x7f0000003880)="4382f3779f18ddb4746633f1a17350fab3923038f79d36fc4b9e5377e77d3bc45a3ccccf132be68d648f43a1fd591daad5a3d8b2945a2fbead38fb98ea8ece7731915c6738a92b14e53f2e6200340a3933972e0d151d53c85360451fda04f621cbe4a0ba629f7082b3945cdc6a43c69047b74c8b4b6a4024ebf4e310b83811addbf5bcd8fa2f8f6cb3ea5b00167ac6ca55bb1d087dc2f3a4dcb806e5a5f39b5ac127f04ff50d923d35ee14eff1285586594541fe18501fe31ba8affa6386af142c7e1a063a174ff76d3cdea4e865368043e078c19852f82b8e58ab2de3eea67539ce9e6266d5c412c5294c3159844decc1c3425bee721014ff2051a3a7391d089242b2c268f4c2b97307c5dd38f4689e6d2a1caaa5b3dd22c7f15787c8be2c4bc317eea166b08d1e445bdc32b987678aa74d8a46865745dd9b7e5758182070f0071099a5ed54cb52644e73473eec6764b2f7ae34567583fbf6ee8be91f0b43ea4f14fbbd5b52c0199488f29572b82b25e73c811c81539048b3508a6b01e2a56b1f3a5ab01d6611bea25cf395a50bbd0861687a717141380e9533f19e8699b1f42bdf952ee6c9bbecf18d9aa0805b32d3d91d6d9e888f239aae97d2b1e52495f4b0d691d1db33255c45ec3643bddf9c1043546ad210caae53f97f9f4fdc69a3e6a849a3e48f73c4bd3a83f2edb7487571ea40be8cfe84f73d860e12a15d11b130cd6b42d128c58ab2bb973c8ff7444fbfed318605e0d898a29d56234f89c59e30ed477c87f37a7dcc4bdc07843168061f1586ac4a5ea26ed8e51608fd5c524cded4dbd1e63f7a448737e3299ca8400eddd697ef747a0e481bbc91f18ea4d27dabe7a56f4d4d332af76229e02c5d7005f67c804df35a914f0cb7e800da13ad7c8662b30b944768e0f5d7f7f187c41f8c7b0ff7ecee0b4d25bff69ef4dd247382ef9abed0b31b9c551e4dc395f1d391d2e58b5aedab4b39920e4d37ad75a4777dfdb779d7cf3ef812d72e0b733cf4acb4dcabfd61dc3c1b58115128fcef7bcf8d7706002c65019f37613d557fb6caa334f8a2c65121a68317a075416998e053a33798da8fb39991c12c2b9afe04c9b3970b760f6a5a2147a9a65a6a919f16a6597c3e0737c01d30cf06df7cfa0bb4c045e110650914daeca60b24f60aea72d8de40edb4e9132022b4340132486282a93e0da21637bf58508f44a88987d1d6c549a01f885957683dc8bb23816f29830d70ead5045014002a55f2e9b9b1a8ea89bbc90d6a22b3a3e8af9367941ab9617b3823d3ecfa92ec8c457b732e4f0aa7340f948ca89dda43d69f8a0d6ae632ca8cd835e648f226289f974b0dd9adb5fd167b22f9871748fd0b5326973fcd1f2dd09c643939955823cf40c527b877751f9917d41606ae7f434dd9fa6d44bea2fa39d7eee081719da63aaecd942ef406507c9760d837f537eb6270092e0fe1eaf312277c5406791742bd2b70c3fe4be4285fa748e107e0458e47a4ee9291ae4f7eb2b79cd0a9d9478bcb83c9857fccd77558a7ee2ab44999889fa9e08f16e3c132e849c980ab41e79717603a4314d4a67333da0c79e4e76084e3024bdbe4187f15268536d2a58d3a3000e0661146d0f8ef213e5e32518c448f7df7a1cff03de311f1a8d150bab5815512c195aa7091770bae5a0dffa5d2390d30147d5f9ccbf74bb611e62b7b1c17e98bf25c1bfef98a054737c0db569640595397fa75ed050a25030cf7a3477a72d94c180b0e971ae0cdaa56ff1745cddcc003c417bc18403b94ac1427cc03f4b9cc690dd0996222e2167d2872acb0348c3afb59fb912a20c797226123bac5e240717d70bd40db848661700fdff52bd5b80f54945a7b373b3f90dd3b534543e41c60e659f5168f802a1e0c2abd9cfc0edbe7c32cc11f0536977aa95049b57cd6f01da03f1e21f9afc415d51fe2a40f5fdb7958448bd542189e590b3e511be33f09a72e895db66d832e256ea2c43d0966aa6b0007bfe30c5285b835034ec33c66663035891b98d9daafbbf031968639cdd5a30a47c2c7f2d314214abcfc2437642b8a9d75bc06e76da1bd9456316e85d38555b14715de8a287c9776320cc42b6b966baf4580b32796f094e1cc1a61c5fb1e5a89e0809f29517b5b05cd2aec12d8b969067f37450c23e870a440a1cf69dd37906cf31a3b7f95ed6eeeb20fba9fd65d2bd24766d43ee01edd12455baad10ee04cc5a308fd0efbb257fed549188b84f9884f1abc13f3ac5ad9a8b15159f4c2276a3ae1c63ad5327a63f6fa0a3e0d9ab4169590c1ef130b8613110a2980aab4c1528da96e2e02e3a3d73c5173e81d26a199a4c8088a202640fd01532059fc28cd514c1c1cee64bc02e1dd0b726d1751f276eeca8c3eafe3c7dd60232e030dd5ee05d91619327b9b0c9804b9b242c72164ed04458bd69b994748fc5635e10b97e90e8de951a01f6683c742ca28d6fbc003863517595baf83189ed5d4645e506ffa1462501470f00aa8e23db21dd4174651311b1e8af131a05c2ab512cdcfbe4ce6ea7d84dfd410046e9e828a6b1cec81c6c382c80f1934099a34a6af8e6550e030b0c2ccbc54da490621e909e8a22544e82d65d0b29f17eec85cadfded8fe56845fc4c67d6d5532e4106eecf7e554ead8e91770b7a295db748f78b68a7ba739ad4af6f9122ec10daa2a87534c4ef62eb263ec34aea49b2884514e71b479fbed636f62eff443fc560b61d385499633d1889b4aa4133ac6f8edb0e0b9aa76f7bf239b5a2b0e99274475d712ea9d9abd9fdf28f45f83713e140b0e2b7e65dc1a1a29abd318f1acdee3af252864d711821153f1798ea9fbe244e8cf2690708323ca62b048df5fa65ae343c4da22497a0c4b7a0309e7de8ee4aa0c59814d33856a1edea5b79dee67dc445c1a7e6b2360534ead68360398bc642b2c102f4b3f9f1f071d6780a98a79a42b0a11166b273b9d1e74bdff6437fe3ebcadee7ee036bad9d449f720de56fdbf1934acd2ad8e9ff679fd14c7c84ace3f83c9fe5478f9fe732863dfa859246f9be4a2637aa9b224791d0c6a6f6d56660cc2eb7b5eed0df96fd4338ebe2cb47f84465df43e93033d224b75e8610ea1237eb20395fcf89ad8d256583c395717c08dee9f2d10915d9b40a2f08cf4664a0fc9efb5a6f7b5729835f9a508038b3263af68418ec342ace7ae8423c3f863a1a3af32f37f3a6a7a66e41ef678c34b4d9047b272f69fddc741f842f1c1ace1a34aa4975129c71d028a476b3bd7a46b8b064895738ca51c615ff7806daeea004b582160b8dbdfe1b93429c1ef8636cb1daaa2dc67904cd1d8af4b1f4f70c9063f3561e5b4f77e5cb10c429cbfbad300bb370ed93ac1b990bd882f4ee76bb9198d6a07c4dbdffe0f7a8a84b4d8a4fd05c59bde766da2270b2ac8c69f949c0c394ac7a02597fcce638007327c1818873b32a40aad250a1bfd67205dae6709dbb956b5fe70cc18d41d6c0193a69b4abede7bf66662c27272e4ddefc3bb4f6facf109ad9c027e17e39b1d04d4edede77606850b0d741a3cfa33f478c6f85d913ca23fdd9c33b98ff087bca8d511e396a3eca79df9baa4c6f48400ae386caa312cd6760489356363a04a44cef12bde4bfcab7aca9f1a6e740454a7b01a2694203727dcb91a5393aefb0ae87b7a212c30c7ebbd2a4bc095e140b7033b458dc36904e0c70fef8b9b8e30bd550c79bddf885018bc9a28b5aa8f19b7d6bd57ccafb9a2b19f9fe10b32cc0efd162796fdf4aef9977169ae63ef5a3b217fcdd9221d1ea895b239b6fa969cfd569a49cfe407254586a2fee2ba46ae57f5af2d25a72a078cbf297150b88ba3ea52b84104979587d822b705cf231daeb662ad627b90cb5302f9acbb8a206126eb7ce34118279ae7c8d15095924e65e8c195cf8611d1485d54dc7c91ddf8ff691a083d645cfa771bcde121c423ea37f82303c4eee44afa54a5551026400d4091bf9f6ce30490a8e39844a703f3285283f50de59561e1a8c2a236ab44aa44c1563986fcedb9cf2e97bb699b8c216bd266e1a7f296ff9df52494698f6c6d3f3fd04bbb1de75a4c0686a452810ec252822b6c07ff5d4f6b8f7c69f353612189df619c2c322e28939444152db7e8256497d7e8605d1da804acdebf34ffa2da673fcf3bf465a99fb8b853d9c63065061e9ad36ed5f5e5590f54d02b74cc14d497a1b4fb0901f1c9d561fd1837f6385a8b7a4534a7dad78febf35e91659ccedaab031bbe30fd32174445b868d8958b21e7d288221635a9e0bcb3a7211398f0cb2a3b345c41acf1f239f9df988770873f02f30b5681288b02b3f452d514a71034e0031c058f0568958f85a923115b8699027fc3868d7f20ae540055d491e243066140361f0212ba835fd92ed93741b8b8c481cb9a3dffc3d617606b49eb4727cfeafbd2feae50c7b8e334a9014bf78917020634545c695643f47d236d1a671a3435b63265b0c6f0792da77c27e4cdf28b8ffde3c643dc5c44ccc3cb7bf1e6d23bc90392e2d0dbc74ed44574ca6c5f3b73604870763f3fab275311cd4490d62ff091acdb90b3d26fa32897b4e8e81ee4ca8f26cb7cd1c669be699f14aea7d7d7338d5789325acf71d5748aecf612cf4b22b9f53e3d3e0ec6643462fe4e2b024c75b874cfdebc5ff58de7d1f92dc4028bab01d89339fb7ec2a92c31769eb1f8c13fbaa6dd6e0ec23d12a84bdc858c2a6643429eb97eb2e1710950e298a2dfccd5b6fa295b3069de9748394bc927253784817c5a01cbee98348bdbbd3e0b55c92fa1b82dabc3c7924cce5d232e5c6baf6b11f7d31ed6b39d4512a337d9fe2172478667a3b5c3b13f7de6fcd80578041e5a3296b9bb304b4628e221f059b2d33978374ce6276ac321961b73548f35078e083e1e3ff54ae567db6533f8e9de49c8bc6ab330943b941689f73dd9c61fc5af988272cd18d3901121cb22a4f1b84c49306e99f0b2e7aefffefd52bdb43266900d4bdb653fe99f78777682533a21e5c599a26279212292d79e8f2c883cb48e80186b109bd395d4a1b904e2b80d7df9d8e7235cb6c3ac3bed38980b2959ae94ea535cba0feb8538e6421915f6dd32125af501466e5cfa7bf508c54f194b61385afecd89725b616613cf43fbd06cdcb025f2aeccb0b64368d08a6e75bb45c58bdcf822a4b3842cfc429500c2b00832f38be45b1513e8addc2c22c4985c6afb49b80b49f62b3a4342d1ddc1e742aca76a5724cb72ccd8cd52f5d978bb50c980f48be23cb91880556a8707ad8bdeae7a8c3f4de339e12ea39bad20ce99dd0a25d5d2efce70e794f094ea6a7e646136d076dfe3ce48a522c99a808a4f729ecce6763ec4c06c7db706c40b34bbc11e39b62938cbc64f6e4800c556b74bbbf71d9681113909fae2ff60524e0ef190e9dcdd9aae80aa17ec2c97784444d19c97a0e58ceea3664a2823957295aba2372fc7f1766c2dd0b433423654bacbc6a3f2ecfff15d8dbf0684ab8af932593d283d67667384d0a732595117c16b91a715f50e30ef3bd104775feab1b22b89b69ffc59f7ce5d1cb2d9822192ef29654d4c9f35846d59cf36f9ce92ab9f5d2583b7310f4ac82f7ef573516b9421da1a170db069d1deeed891257498b7558781b525f95c2f5a143daa6a54dc47f7b75564d0aa2b0a29e74145c648c7e230e0cfc3f673db2b981d59477226bb462012d1575679d94afed1127a87f3e57e1fb362bc3fdc41a01ffe7601b693e88a285a26b810405331342166ea0644b92d78a0cbfb4495c5576f4d8bfc4a9f2e8376dc3", 0x1000}, {&(0x7f0000004880)="6f9928d2330f36720bfbca89a1f67869e4ffd2ecd5d3d570d1fd2956192fe6feb622e9183b80935e42cd1aecc314e19de24d2b59b0fe03837a74e5287b185c564f1e5f68bffe13315ef35b97a60846f13730809c65f2dcb4afc16aefac394dff99aeee211b9c6b2b5075a7931427b4429d157ef626b159546c90e90a822649cf2924795b6ecf877dec2c1b7e11e15f76a8d19f7d18da541dbc80187efe607606bbed7fc5246d25dee71d89a8cb81814d8ed1e960e3", 0xb5}, {&(0x7f0000004940)="ef6a40e63a55820616f24e393675f62ac79fe180dd4c899f3113392239c954750c13873e93c2e0d096d462c022b2f2a36e943113007a286bebadf70721490db24e854da996f65d84ecbab2a4f1bfce3df8fc37de15aa99e0237707260f179a899ea4a4d32e982065374c63be39db9bb1e03d3ddca1d541c99a18b576d49f7778de4f2386617ed452774a5f3fe950ad33798099c5179526fa2428", 0x9a}], 0x4, 0x0, 0x0, 0x810}], 0x7, 0x24040000) 10:49:04 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x26, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:04 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:04 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x1800, &(0x7f0000001340)={[{@dots}]}) 10:49:04 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\n\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:49:04 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() wait4(r1, &(0x7f0000000040), 0x40000000, 0x0) r2 = io_uring_setup(0x2fe9, &(0x7f00000002c0)={0x0, 0x0, 0x1, 0x0, 0xfffffffd}) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0xad80c000) preadv(r3, &(0x7f0000000280), 0x0, 0x800d9f, 0x5) ftruncate(r3, 0x3ff) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) sched_rr_get_interval(r1, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:04 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x2000, &(0x7f0000001340)={[{@dots}]}) 10:49:04 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4c00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:04 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x27, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:04 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x2600, &(0x7f0000001340)={[{@dots}]}) 10:49:04 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = io_uring_setup(0x7ed8, &(0x7f00000002c0)={0x0, 0x0, 0x20, 0x1, 0x0, 0x0, r2}) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r3, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:04 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xd675a9cc00000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:49:04 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\v\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:49:04 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x48, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:04 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:04 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000700)=[{&(0x7f00000005c0)=""/116, 0x74}, {&(0x7f0000000740)=""/91, 0x5b}, {&(0x7f0000000640)=""/47, 0x20}], 0x3, 0xd9f, 0x20) r1 = gettid() r2 = fcntl$getown(r0, 0x9) ptrace$setregset(0x4205, r2, 0x2, &(0x7f0000000280)={&(0x7f00000008c0)="ac6bd6e8a1052ee433a9d26294dd6ad639fedfea311a4021f34ad5aa8ae81648251143bb088578471f0a085ebf9f8bdb15e3cb6b3217e6bfbdaa28d12e3a96c10173517cca379f4cefe761ce015899df7d91a65c3dbd67e800adcd2afc627ef4f52ce6c905721f04838209f52e996024fdb6545af7fa70db63189ce613c5a476ba0dd4c55d1e45f2c450976c77bf92a80c9eac11371a9289be1c500b52b021b13a3a1d1e8e9350ceff28543c5b2adc25e4b649fc232c12c7e67bd87bc033d8dd79d483cfe1a6c2954fa5785b041fa0e3a02a8ae747112df32a8c6f66da", 0xdd}) r3 = io_uring_setup(0x20e1, &(0x7f00000002c0)={0x0, 0x3ad4, 0x2, 0xb}) io_uring_register$IORING_UNREGISTER_FILES(r3, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000000540)=[{&(0x7f0000000040)=""/241, 0xf1}, {&(0x7f0000000140)=""/205, 0xcd}, {&(0x7f0000000340)=""/84, 0x54}, {&(0x7f00000007c0)=""/244, 0xf4}, {&(0x7f0000000240)=""/10, 0xa}, {&(0x7f00000004c0)=""/78, 0x4e}], 0x6) ptrace$setopts(0x4206, r1, 0x8, 0x20) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:04 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x2d05, &(0x7f0000001340)={[{@dots}]}) 10:49:04 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x3f00, &(0x7f0000001340)={[{@dots}]}) 10:49:04 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6c00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:05 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) creat(&(0x7f0000000200)='./file0\x00', 0x39) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000001400)=""/27, 0x1b}, {&(0x7f0000001440)=""/112, 0x70}, {&(0x7f00000014c0)=""/224, 0xe0}], 0x3, 0x3, 0x3) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_io_uring_setup(0x53b5, &(0x7f0000001340)={0x0, 0x17ab, 0x20, 0x3, 0x350, 0x0, r3}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000713000/0x4000)=nil, &(0x7f0000000240), &(0x7f00000013c0)) preadv(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/255, 0xff}, {&(0x7f0000000140)=""/66, 0x42}, {&(0x7f0000000340)=""/4096, 0x1000}], 0x3, 0x200, 0xe485) tkill(r1, 0x7) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r4, 0x6611) 10:49:05 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x4c, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:05 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x4000, &(0x7f0000001340)={[{@dots}]}) 10:49:05 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:05 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xdaffffff00000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:49:05 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) write(r0, &(0x7f0000000040)="f97d569ccac8b4db7e0a221daae310a4cd95f9e0cab2a8e80af68cf366254b750f1accf72764b39be36f98cb438781ebfd200b2747e2151d505f02ced1b4b2e24a0d954df3d74fb75fe68709a216214939ef6954a27e6dba9c3c372799c418a7cb36aae7928a2640fc73556357b959f006de86f48e2a6147353f99106e2d7d7dad511c0067520488a2819c992d30131e4a", 0x91) mmap(&(0x7f0000540000/0x2000)=nil, 0x2000, 0x8, 0x40010, 0xffffffffffffffff, 0x88eb6000) r1 = gettid() mq_timedreceive(r0, &(0x7f0000000100)=""/55, 0x37, 0x9, &(0x7f0000000140)={0x77359400}) r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)={0x0, 0xe682, 0x0, 0x0, 0x4004}) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:05 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x8004, &(0x7f0000001340)={[{@dots}]}) 10:49:05 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7a00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:05 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\f\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:49:05 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x68, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:05 executing program 0: getpid() r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:05 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0xfeff, &(0x7f0000001340)={[{@dots}]}) 10:49:05 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8cffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:05 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x6c, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:05 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0xfffe, &(0x7f0000001340)={[{@dots}]}) 10:49:05 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) signalfd4(r0, &(0x7f0000000040)={[0x3507]}, 0x8, 0x0) r3 = gettid() ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x6) ptrace$cont(0x18, r3, 0x0, 0x0) ptrace$setregs(0xd, r3, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r3, 0x0, 0x5) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) sendmsg$AUDIT_SET(r4, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0xfffffe7e, 0x3e9, 0x122, 0x70bd25, 0x25dfdbfd, {0x2, 0x1, 0x1, r3, 0x8, 0x2, 0xffffffff, 0x3e, 0x0, 0x7ffffff7}, ["", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:06 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xf6ffffff00000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:49:06 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xb301000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:06 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x80000, &(0x7f0000001340)={[{@dots}]}) 10:49:06 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = dup3(r0, r0, 0x0) r3 = io_uring_setup(0x27ba, &(0x7f0000002440)={0x0, 0x761e, 0x2, 0x4, 0xfffffffe, 0x0, r2}) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r3, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xf, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000002400)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f0000002380)=[{&(0x7f0000000040)=""/118, 0x76}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000001340)=""/4096, 0x1000}, {&(0x7f00000000c0)=""/186, 0xba}, {&(0x7f0000000180)=""/84, 0x54}, {&(0x7f0000000200)=""/40, 0x28}, {&(0x7f0000000240)=""/24, 0x18}, {&(0x7f0000002340)=""/5, 0x5}], 0x8) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:06 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\r\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:49:06 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x74, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:06 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xf6ffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:06 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) wait4(0xffffffffffffffff, &(0x7f0000000140), 0x8, &(0x7f0000000180)) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000240)={{r0}, 0x8000, 0x9, 0x3}) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) gettid() preadv(r2, &(0x7f0000000100)=[{&(0x7f0000000040)=""/130, 0x82}], 0x1, 0xffff7fff, 0x2) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:06 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x80040, &(0x7f0000001340)={[{@dots}]}) 10:49:06 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x7a, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:06 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfeffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:06 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) r3 = gettid() ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x6) ptrace$cont(0x18, r3, 0x0, 0x0) ptrace$setregs(0xd, r3, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r3, 0x0, 0x4) ptrace$cont(0x20, r3, 0x0, 0x5) wait4(r3, &(0x7f0000000040), 0x1, &(0x7f0000000080)) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:07 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, 0xf9fdffff00000000, &(0x7f0000001440), 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB='time_offset=0xff']) 10:49:07 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x200000, &(0x7f0000001340)={[{@dots}]}) 10:49:07 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffff7f00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:07 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000040)=r0, 0x1) io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xf, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x6, 0x0, 0x0) tkill(r1, 0x7) 10:49:07 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0xff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:07 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10d) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4000010, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000240)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in6=@loopback, @in6=@remote}, {@in=@private, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'sha384-generic\x00'}, 0x2}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000001740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',msize=0x0000000000000007,msize=0xffffffffffffffff,access=client,cache=fscache,posixacl,version=9p2000,obj_type=user.incfs.metadata\x00,smackfsroot=user.incfs.metadata\x00,uid>', @ANYRESDEC=0xee00, @ANYBLOB="3c0028172b5c209f1d00000000000000000022d684fa57c46364d2df31e3b9a6866e028c210e56d28b5b40a756ad05ecea4e301b8ea984fb4c2f57ec7a26ffff78be1e8777676ad4d19aaef5eec30aa5aec6c85558dd50f326"]) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000100)={0x0, 0x1, 0x2000000401, 0x1}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000001480), 0x121401, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001c40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x0e\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001400)=ANY=[@ANYRES32=r6, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r4, @ANYRESOCT, @ANYRES64, @ANYRESHEX=r3], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f0000000500)={0x6, 0x4, {0x3, @struct={0x0, 0x5}, 0x0, 0x7, 0x6, 0x10001, 0x7, 0x7bc2, 0x4, @struct={0x2, 0x2}, 0x5, 0x1, [0x4, 0x7, 0xfffffffffffffff8, 0x0, 0x4, 0x40c]}, {0x4a, @usage=0x2, r2, 0x3, 0x800, 0x0, 0x8, 0x81, 0x428, @struct={0x1, 0x20}, 0x0, 0x2, [0x100000001, 0x1, 0x5, 0x1, 0x8000, 0x9]}, {0x7, @usage=0xffffffff, r6, 0x2, 0x0, 0x0, 0x4, 0x1f, 0x90, @usage=0x102, 0xe0000000, 0x6, [0x8000, 0x9d86, 0x2, 0xf4e, 0x1, 0x3]}, {0x0, 0x9adb, 0x5f2}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x0, 0x5, {0x6fdf, @usage=0x8, 0x0, 0x5, 0x55e, 0x8, 0x3, 0x9, 0x20, @usage, 0xffffff00, 0x7, [0x100000001, 0x0, 0x7, 0x1, 0xfffffffffffffffe, 0xa45]}, {0x2, @usage=0xfffffffffffffffe, 0x0, 0xfffffffffffffbff, 0x3, 0x100000000, 0x8, 0x0, 0x448, @struct={0x3b64, 0x3}, 0x800, 0x7fff, [0x3, 0x4, 0x0, 0x2, 0xff, 0x100000000]}, {0x9, @usage=0x7e47cf27, r6, 0xe1, 0x4, 0x5, 0x1, 0x3, 0x67, @usage=0x7, 0x2, 0x3, [0xfff, 0x5, 0x0, 0x101, 0xe2b, 0x8]}, {0x78d, 0x40, 0x3}}) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000040)={r6, "dfdd3cf04d82c8962cec515eaf5bc658"}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80000100, 0x0) 10:49:07 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1b3ae8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:07 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x400000, &(0x7f0000001340)={[{@dots}]}) 10:49:07 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 10:49:07 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() r2 = io_uring_setup(0x20e1, &(0x7f00000002c0)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000280)=[0xffffffffffffffff], 0x1) clock_gettime(0x0, &(0x7f00000033c0)={0x0, 0x0}) recvmmsg(0xffffffffffffffff, &(0x7f0000000240)=[{{&(0x7f0000000080)=@l2={0x1f, 0x0, @none}, 0x80, &(0x7f0000003340)=[{&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000000100)=""/213, 0xd5}, {&(0x7f0000000200)=""/25, 0x19}, {&(0x7f0000001340)=""/4096, 0x1000}, {&(0x7f0000002340)=""/4096, 0x1000}], 0x5}, 0xffffffff}], 0x1, 0x20, &(0x7f0000003400)={r3, r4+60000000}) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$BTRFS_IOC_BALANCE(r5, 0x5000940c, 0x0) r6 = creat(&(0x7f0000000040)='./file0\x00', 0x41) io_uring_register$IORING_UNREGISTER_FILES(r2